login: uses epochs for login throtting.

Closes #10937
2024-11-26 02:40:26 -06:00 · 2018-02-16 17:25:46 +01:00 · 2018-02-16 17:25:46 +01:00 · 0053be9882
commit 0053be9882
parent 2e9433c495
5 changed files with 27 additions and 9 deletions
--- a/pkg/models/login_attempt.go
+++ b/pkg/models/login_attempt.go
@ -8,7 +8,7 @@ type LoginAttempt struct {
 	Id        int64
 	Username  string
 	IpAddress string
-	Created   time.Time
+	Created   int64
 }

 // ---------------------
--- a/pkg/services/sqlstore/login_attempt.go
+++ b/pkg/services/sqlstore/login_attempt.go
@ -21,7 +21,7 @@ func CreateLoginAttempt(cmd *m.CreateLoginAttemptCommand) error {
 		loginAttempt := m.LoginAttempt{
 			Username:  cmd.Username,
 			IpAddress: cmd.IpAddress,
-			Created:   getTimeNow(),
+			Created:   getTimeNow().Unix(),
 		}

 		if _, err := sess.Insert(&loginAttempt); err != nil {
@ -37,8 +37,8 @@ func CreateLoginAttempt(cmd *m.CreateLoginAttemptCommand) error {
 func DeleteOldLoginAttempts(cmd *m.DeleteOldLoginAttemptsCommand) error {
 	return inTransaction(func(sess *DBSession) error {
 		var maxId int64
-		sql := "SELECT max(id) as id FROM login_attempt WHERE created < " + dialect.DateTimeFunc("?")
-		result, err := sess.Query(sql, cmd.OlderThan)
+		sql := "SELECT max(id) as id FROM login_attempt WHERE created < ?"
+		result, err := sess.Query(sql, cmd.OlderThan.Unix())

 		if err != nil {
 			return err
@ -66,7 +66,7 @@ func GetUserLoginAttemptCount(query *m.GetUserLoginAttemptCountQuery) error {
 	loginAttempt := new(m.LoginAttempt)
 	total, err := x.
 		Where("username = ?", query.Username).
-		And("created >="+dialect.DateTimeFunc("?"), query.Since).
+		And("created >= ?", query.Since.Unix()).
 		Count(loginAttempt)

 	if err != nil {
--- a/pkg/services/sqlstore/migrations/common.go
+++ b/pkg/services/sqlstore/migrations/common.go
@ -34,6 +34,7 @@ func addTableReplaceMigrations(mg *Migrator, from Table, to Table, migrationVers
 	copyTableData := fmt.Sprintf("copy %v %v to %v", to.Name, fromV, toV)
 	dropTable := fmt.Sprintf("drop %v", tmpTableName)

+	addDropAllIndicesMigrations(mg, fromV, from)
 	addTableRenameMigration(mg, from.Name, tmpTableName, fromV)
 	mg.AddMigration(createTable, NewAddTableMigration(to))
 	addTableIndicesMigrations(mg, toV, to)
--- a/pkg/services/sqlstore/migrations/dashboard_mig.go
+++ b/pkg/services/sqlstore/migrations/dashboard_mig.go
@ -187,10 +187,7 @@ func addDashboardMigration(mg *Migrator) {
 			{Name: "external_id", Type: DB_Text, Nullable: false},
 			{Name: "updated", Type: DB_DateTime, Nullable: false},
 		},
-		Indices: []*Index{
-			{Cols: []string{"dashboard_id"}},
-			{Cols: []string{"dashboard_id", "name"}, Type: IndexType},
-		},
+		Indices: []*Index{},
 	}

 	mg.AddMigration("create dashboard_provisioning", NewAddTableMigration(dashboardExtrasTable))
--- a/pkg/services/sqlstore/migrations/login_attempt_mig.go
+++ b/pkg/services/sqlstore/migrations/login_attempt_mig.go
@ -20,4 +20,24 @@ func addLoginAttemptMigrations(mg *Migrator) {
 	mg.AddMigration("create login attempt table", NewAddTableMigration(loginAttemptV1))
 	// add indices
 	mg.AddMigration("add index login_attempt.username", NewAddIndexMigration(loginAttemptV1, loginAttemptV1.Indices[0]))
+
+	loginAttemptV2 := Table{
+		Name: "login_attempt",
+		Columns: []*Column{
+			{Name: "id", Type: DB_BigInt, IsPrimaryKey: true, IsAutoIncrement: true},
+			{Name: "username", Type: DB_NVarchar, Length: 190, Nullable: false},
+			{Name: "ip_address", Type: DB_NVarchar, Length: 30, Nullable: false},
+			{Name: "created", Type: DB_Int, Default: "0", Nullable: false},
+		},
+		Indices: []*Index{
+			{Cols: []string{"username"}},
+		},
+	}
+
+	addTableReplaceMigrations(mg, loginAttemptV1, loginAttemptV2, 2, map[string]string{
+		"id":         "id",
+		"username":   "username",
+		"ip_address": "ip_address",
+		"created":    "created",
+	})
 }