Added plug-in tab back button, Bad user login limitor is now per-public IPv4 subnet.

This commit is contained in:
Ylian Saint-Hilaire 2020-01-10 16:25:02 -08:00
parent 96455b8764
commit c86becb014
4 changed files with 20 additions and 8 deletions

View File

@ -699,7 +699,11 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
if (typeof parent.badLoginTable[i] == 'number') {
r += "Cooloff for " + Math.floor((parent.badLoginTable[i] - Date.now()) / 60000) + " minute(s)\r\n";
} else {
r += (i + ' - ' + parent.badLoginTable[i].length + " entries\r\n");
if (parent.badLoginTable[i].length > 1) {
r += (i + ' - ' + parent.badLoginTable[i].length + " records\r\n");
} else {
r += (i + ' - ' + parent.badLoginTable[i].length + " record\r\n");
}
}
}
if (badLoginCount == 0) { r += 'No bad logins.'; }

View File

@ -2804,6 +2804,7 @@
"default.handlebars->container->column_l->p15->p15title->p15BackButton",
"default.handlebars->container->column_l->p16->p16title->p16BackButton",
"default.handlebars->container->column_l->p17->p17title->p17BackButton",
"default.handlebars->container->column_l->p19->p19title->p19BackButton",
"default.handlebars->container->column_l->p20->p20title->3",
"default.handlebars->container->column_l->p21->p21title->1",
"default.handlebars->container->column_l->p30->1->1->0->1->p30title->1",
@ -12552,7 +12553,7 @@
"pt": "Plugins -",
"ru": "Плагины - ",
"xloc": [
"default.handlebars->container->column_l->p19->1"
"default.handlebars->container->column_l->p19->p19title->3"
]
},
{

View File

@ -788,6 +788,14 @@
</div>
<div id=p17info></div>
</div>
<div id=p19 style="display:none">
<div id="p19title">
<div id="p19BackButton" style="float:left"><div class="backButton" tabindex=0 onclick=goBack() title="Back" onkeypress="if (event.key == 'Enter') goBack()"><div class="backButtonEx"></div></div></div>
<h1>Plugins - <span id=p19deviceName></span></h1>
</div>
<div id="p19headers"></div>
<div id=p19pages></div>
</div>
<div id=p20 style="display:none">
<div id="p20title">
<picture id=MainMeshImage style=border-width:0px;height:200px;width:200px;float:right>
@ -983,11 +991,6 @@
<div id=p51group2></div>
<br />
</div>
<div id=p19 style="display:none">
<h1>Plugins - <span id=p19deviceName></span></h1>
<div id="p19headers"></div>
<div id=p19pages></div>
</div>
<br id="column_l_bottomgap" />
</div>
<div id="footer">
@ -1101,7 +1104,7 @@
<form style="display:none" method=post action=uploadnodefile.ashx enctype=multipart/form-data target=fileUploadFrame><input id=p13fileDragName name="name" /><input id=p13fileDragSize name="size" /><input id=p13fileDragType name="type" /><input id=p13fileDragData name="data" /><input id=p13fileDragLink name="link" /><input type=submit id=p13loginSubmit2 style="display:none" /></form>
<audio id="chimes"><source src="sounds/chimes.mp3" type="audio/mp3" /></audio>
</div>
<script type="text/javascript">
<script type="text/javascript" nonce="abc">
'use strict';
// Process server-side web state

View File

@ -4414,6 +4414,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
if ((typeof parent.config.settings.maxinvalidlogin.coolofftime != 'number') || (parent.config.settings.maxinvalidlogin.coolofftime < 1)) { parent.config.settings.maxinvalidlogin.coolofftime = null; }
obj.setbadLogin = function (ip) { // Set an IP address that just did a bad login request
if (typeof ip == 'object') { ip = cleanRemoteAddr(ip.ip); }
var splitip = ip.split('.');
if (splitip.length == 4) { ip = (splitip[0] + '.' + splitip[1] + '.' + splitip[2] + '.*'); }
if (++obj.badLoginTableLastClean > 100) { obj.cleanBadLoginTable(); }
if (typeof obj.badLoginTable[ip] == 'number') { if (obj.badLoginTable[ip] < Date.now()) { delete obj.badLoginTable[ip]; } else { return; } } // Check cooloff period
if (obj.badLoginTable[ip] == null) { obj.badLoginTable[ip] = [Date.now()]; } else { obj.badLoginTable[ip].push(Date.now()); }
@ -4423,6 +4425,8 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
}
obj.checkAllowLogin = function (ip) { // Check if an IP address is allowed to login
if (typeof ip == 'object') { ip = cleanRemoteAddr(ip.ip); }
var splitip = ip.split('.');
if (splitip.length == 4) { ip = (splitip[0] + '.' + splitip[1] + '.' + splitip[2] + '.*'); } // If this is IPv4, keep only the 3 first
var cutoffTime = Date.now() - (parent.config.settings.maxinvalidlogin.time * 60000); // Time in minutes
var ipTable = obj.badLoginTable[ip];
if (ipTable == null) return true;