moon
/
enigma-bbs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check bad usernames @ login

This commit is contained in:
Bryan Ashby 2018-12-24 15:32:38 -07:00
parent 73e8b0454e
commit 06a1925288
3 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
core/enig_error.js
View File

@ -50,4 +50,5 @@ exports.ErrorReasons = {
Disabled : 'DISABLED', Disabled : 'DISABLED',
Inactive : 'INACTIVE', Inactive : 'INACTIVE',
Locked : 'LOCKED', Locked : 'LOCKED',
NotAllowed : 'NOTALLOWED',
}; };

4
core/servers/login/ssh.js
View File

@ -114,6 +114,10 @@ function SSHClient(clientConn) {
return handleSpecialError(err, username); return handleSpecialError(err, username);
} }
if(Errors.BadLogin().code === err.code) {
return terminateConnection();
}
return safeContextReject(SSHClient.ValidAuthMethods); return safeContextReject(SSHClient.ValidAuthMethods);
} }

7
core/user_login.js
View File

@ -23,9 +23,14 @@ const _ = require('lodash');
exports.userLogin = userLogin; exports.userLogin = userLogin;
function userLogin(client, username, password, cb) { function userLogin(client, username, password, cb) {
client.user.authenticate(username, password, err => {
const config = Config(); const config = Config();
if(config.users.badUserNames.includes(username.toLowerCase())) {
client.log.info( { username : username }, 'Attempt to login with banned username');
return cb(Errors.BadLogin(ErrorReasons.NotAllowed));
}
client.user.authenticate(username, password, err => {
if(err) { if(err) {
client.user.sessionFailedLoginAttempts = _.get(client.user, 'sessionFailedLoginAttempts', 0) + 1; client.user.sessionFailedLoginAttempts = _.get(client.user, 'sessionFailedLoginAttempts', 0) + 1;
const disconnect = config.users.failedLogin.disconnect; const disconnect = config.users.failedLogin.disconnect;