add LockedLogins to settings.

This commit is contained in:
Miroslav Šedivý 2024-04-20 14:27:15 +02:00
parent a178bede87
commit a61eade929
5 changed files with 16 additions and 0 deletions

View File

@ -33,6 +33,8 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) error {
return utils.HttpUnprocessableEntity("session already connected") return utils.HttpUnprocessableEntity("session already connected")
} else if errors.Is(err, types.ErrMemberDoesNotExist) || errors.Is(err, types.ErrMemberInvalidPassword) { } else if errors.Is(err, types.ErrMemberDoesNotExist) || errors.Is(err, types.ErrMemberInvalidPassword) {
return utils.HttpUnauthorized().WithInternalErr(err) return utils.HttpUnauthorized().WithInternalErr(err)
} else if errors.Is(err, types.ErrSessionLoginsLocked) {
return utils.HttpForbidden("logins are locked").WithInternalErr(err)
} else { } else {
return utils.HttpInternalServerError().WithInternalErr(err) return utils.HttpInternalServerError().WithInternalErr(err)
} }

View File

@ -11,6 +11,7 @@ type Session struct {
File string File string
PrivateMode bool PrivateMode bool
LockedLogins bool
LockedControls bool LockedControls bool
ImplicitHosting bool ImplicitHosting bool
InactiveCursors bool InactiveCursors bool
@ -34,6 +35,11 @@ func (Session) Init(cmd *cobra.Command) error {
return err return err
} }
cmd.PersistentFlags().Bool("session.locked_logins", false, "whether logins should be locked for users initially")
if err := viper.BindPFlag("session.locked_logins", cmd.PersistentFlags().Lookup("session.locked_logins")); err != nil {
return err
}
cmd.PersistentFlags().Bool("session.locked_controls", false, "whether controls should be locked for users initially") cmd.PersistentFlags().Bool("session.locked_controls", false, "whether controls should be locked for users initially")
if err := viper.BindPFlag("session.locked_controls", cmd.PersistentFlags().Lookup("session.locked_controls")); err != nil { if err := viper.BindPFlag("session.locked_controls", cmd.PersistentFlags().Lookup("session.locked_controls")); err != nil {
return err return err
@ -87,6 +93,7 @@ func (s *Session) Set() {
s.File = viper.GetString("session.file") s.File = viper.GetString("session.file")
s.PrivateMode = viper.GetBool("session.private_mode") s.PrivateMode = viper.GetBool("session.private_mode")
s.LockedLogins = viper.GetBool("session.locked_logins")
s.LockedControls = viper.GetBool("session.locked_controls") s.LockedControls = viper.GetBool("session.locked_controls")
s.ImplicitHosting = viper.GetBool("session.implicit_hosting") s.ImplicitHosting = viper.GetBool("session.implicit_hosting")
s.InactiveCursors = viper.GetBool("session.inactive_cursors") s.InactiveCursors = viper.GetBool("session.inactive_cursors")

View File

@ -141,6 +141,10 @@ func (manager *MemberManagerCtx) Login(username string, password string) (types.
return nil, "", err return nil, "", err
} }
if !profile.IsAdmin && manager.sessions.Settings().LockedLogins {
return nil, "", types.ErrSessionLoginsLocked
}
session, ok := manager.sessions.Get(id) session, ok := manager.sessions.Get(id)
if ok { if ok {
if session.State().IsConnected { if session.State().IsConnected {

View File

@ -20,6 +20,7 @@ func New(config *config.Session) *SessionManagerCtx {
config: config, config: config,
settings: types.Settings{ settings: types.Settings{
PrivateMode: config.PrivateMode, PrivateMode: config.PrivateMode,
LockedLogins: config.LockedLogins,
LockedControls: config.LockedControls, LockedControls: config.LockedControls,
ImplicitHosting: config.ImplicitHosting, ImplicitHosting: config.ImplicitHosting,
InactiveCursors: config.InactiveCursors, InactiveCursors: config.InactiveCursors,

View File

@ -11,6 +11,7 @@ var (
ErrSessionAlreadyExists = errors.New("session already exists") ErrSessionAlreadyExists = errors.New("session already exists")
ErrSessionAlreadyConnected = errors.New("session is already connected") ErrSessionAlreadyConnected = errors.New("session is already connected")
ErrSessionLoginDisabled = errors.New("session login disabled") ErrSessionLoginDisabled = errors.New("session login disabled")
ErrSessionLoginsLocked = errors.New("session logins locked")
) )
type Cursor struct { type Cursor struct {
@ -40,6 +41,7 @@ type SessionState struct {
type Settings struct { type Settings struct {
PrivateMode bool `json:"private_mode"` PrivateMode bool `json:"private_mode"`
LockedLogins bool `json:"locked_logins"`
LockedControls bool `json:"locked_controls"` LockedControls bool `json:"locked_controls"`
ImplicitHosting bool `json:"implicit_hosting"` ImplicitHosting bool `json:"implicit_hosting"`
InactiveCursors bool `json:"inactive_cursors"` InactiveCursors bool `json:"inactive_cursors"`