AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add the possibility to unlock users from the user interface

Browse Source
This commit is contained in:
Frederic Guillot
2016-08-26 21:27:30 -04:00
parent 793eb1074f
commit a24840a533
5 changed files with 33 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -3,6 +3,7 @@ Version 1.0.33 (unreleased)
New features: New features:
* Add the possibility to unlock users from the user interface
* New API calls for task metadata * New API calls for task metadata
* New automatic actions: * New automatic actions:
- Define colour by Swimlane - Define colour by Swimlane

17
app/Controller/UserCredentialController.php
View File

@@ -106,4 +106,21 @@ class UserCredentialController extends BaseController
return $this->changeAuthentication($values, $errors); return $this->changeAuthentication($values, $errors);
} }
/**
* Unlock user
*/
public function unlock()
{
$user = $this->getUser();
$this->checkCSRFParam();
if ($this->userLockingModel->resetFailedLogin($user['username'])) {
$this->flash->success(t('User unlocked successfully.'));
} else {
$this->flash->failure(t('Unable to unlock the user.'));
}
$this->response->redirect($this->helper->url->to('UserViewController', 'show', array('user_id' => $user['id'])));
}
} }

2
app/ServiceProvider/AuthenticationProvider.php
View File

@@ -151,7 +151,7 @@ class AuthenticationProvider implements ServiceProviderInterface
$acl->add('UserCreationController', '*', Role::APP_ADMIN); $acl->add('UserCreationController', '*', Role::APP_ADMIN);
$acl->add('UserListController', '*', Role::APP_ADMIN); $acl->add('UserListController', '*', Role::APP_ADMIN);
$acl->add('UserStatusController', '*', Role::APP_ADMIN); $acl->add('UserStatusController', '*', Role::APP_ADMIN);
$acl->add('UserCredentialController', array('changeAuthentication', 'saveAuthentication'), Role::APP_ADMIN); $acl->add('UserCredentialController', array('changeAuthentication', 'saveAuthentication', 'unlock'), Role::APP_ADMIN);
return $acl; return $acl;
} }

5
app/Template/user_view/show.php
View File

@@ -18,6 +18,11 @@
<li><?= t('Number of failed login:') ?> <strong><?= $user['nb_failed_login'] ?></strong></li> <li><?= t('Number of failed login:') ?> <strong><?= $user['nb_failed_login'] ?></strong></li>
<?php if ($user['lock_expiration_date'] != 0): ?> <?php if ($user['lock_expiration_date'] != 0): ?>
<li><?= t('Account locked until:') ?> <strong><?= $this->dt->datetime($user['lock_expiration_date']) ?></strong></li> <li><?= t('Account locked until:') ?> <strong><?= $this->dt->datetime($user['lock_expiration_date']) ?></strong></li>
<?php if ($this->user->isAdmin()): ?>
<li>
<?= $this->url->link(t('Unlock this user'), 'UserCredentialController', 'unlock', array('user_id' => $user['id']), true) ?>
</li>
<?php endif ?>
<?php endif ?> <?php endif ?>
</ul> </ul>

9
doc/bruteforce-protection.markdown
View File

@@ -12,6 +12,9 @@ However, **after three authentication failure through the user API**, the accoun
Kanboard doesn't block any IP addresses since bots can use several anonymous proxies. However, you can use external tools like [fail2ban](http://www.fail2ban.org) to avoid massive scans. Kanboard doesn't block any IP addresses since bots can use several anonymous proxies. However, you can use external tools like [fail2ban](http://www.fail2ban.org) to avoid massive scans.
Configuration
-------------
Default settings can be changed with these configuration variables: Default settings can be changed with these configuration variables:
```php ```php
@@ -24,3 +27,9 @@ define('BRUTEFORCE_LOCKDOWN', 6);
// Lock account duration in minutes // Lock account duration in minutes
define('BRUTEFORCE_LOCKDOWN_DURATION', 15); define('BRUTEFORCE_LOCKDOWN_DURATION', 15);
``` ```
Unlocking users
---------------
If you don't want to wait 15 minutes, you can unlock a user from the user interface.
As administrator, go to the user profile and click on "Unlock this user".