Browse Source

Expose WebUI ban duration to users

adaptive-webui-19844
Chocobo1 5 years ago
parent
commit
6eb190c373
No known key found for this signature in database
GPG Key ID: 210D9C873253A68C
  1. 12
      src/base/preferences.cpp
  2. 2
      src/base/preferences.h
  3. 3
      src/gui/optionsdialog.cpp
  4. 49
      src/gui/optionsdialog.ui
  5. 3
      src/webui/api/appcontroller.cpp
  6. 4
      src/webui/api/authcontroller.cpp
  7. 6
      src/webui/www/private/views/preferences.html

12
src/base/preferences.cpp

@ -29,6 +29,8 @@ @@ -29,6 +29,8 @@
#include "preferences.h"
#include <chrono>
#ifdef Q_OS_MACOS
#include <CoreServices/CoreServices.h>
#endif
@ -631,6 +633,16 @@ void Preferences::setWebUIMaxAuthFailCount(const int count) @@ -631,6 +633,16 @@ void Preferences::setWebUIMaxAuthFailCount(const int count)
setValue("Preferences/WebUI/MaxAuthenticationFailCount", count);
}
std::chrono::seconds Preferences::getWebUIBanDuration() const
{
return std::chrono::seconds {value("Preferences/WebUI/BanDuration", 3600).toInt()};
}
void Preferences::setWebUIBanDuration(const std::chrono::seconds duration)
{
setValue("Preferences/WebUI/BanDuration", static_cast<int>(duration.count()));
}
int Preferences::getWebUISessionTimeout() const
{
return value("Preferences/WebUI/SessionTimeout", 3600).toInt();

2
src/base/preferences.h

@ -196,6 +196,8 @@ public: @@ -196,6 +196,8 @@ public:
void setWebUIPassword(const QByteArray &password);
int getWebUIMaxAuthFailCount() const;
void setWebUIMaxAuthFailCount(int count);
std::chrono::seconds getWebUIBanDuration() const;
void setWebUIBanDuration(std::chrono::seconds duration);
int getWebUISessionTimeout() const;
void setWebUISessionTimeout(int timeout);

3
src/gui/optionsdialog.cpp

@ -422,6 +422,7 @@ OptionsDialog::OptionsDialog(QWidget *parent) @@ -422,6 +422,7 @@ OptionsDialog::OptionsDialog(QWidget *parent)
connect(m_ui->checkBypassAuthSubnetWhitelist, &QAbstractButton::toggled, this, &ThisType::enableApplyButton);
connect(m_ui->checkBypassAuthSubnetWhitelist, &QAbstractButton::toggled, m_ui->IPSubnetWhitelistButton, &QPushButton::setEnabled);
connect(m_ui->spinBanCounter, qSpinBoxValueChanged, this, &ThisType::enableApplyButton);
connect(m_ui->spinBanDuration, qSpinBoxValueChanged, this, &ThisType::enableApplyButton);
connect(m_ui->spinSessionTimeout, qSpinBoxValueChanged, this, &ThisType::enableApplyButton);
connect(m_ui->checkClickjacking, &QCheckBox::toggled, this, &ThisType::enableApplyButton);
connect(m_ui->checkCSRFProtection, &QCheckBox::toggled, this, &ThisType::enableApplyButton);
@ -772,6 +773,7 @@ void OptionsDialog::saveOptions() @@ -772,6 +773,7 @@ void OptionsDialog::saveOptions()
pref->setWebUIHttpsCertificatePath(m_ui->textWebUIHttpsCert->selectedPath());
pref->setWebUIHttpsKeyPath(m_ui->textWebUIHttpsKey->selectedPath());
pref->setWebUIMaxAuthFailCount(m_ui->spinBanCounter->value());
pref->setWebUIBanDuration(std::chrono::seconds {m_ui->spinBanDuration->value()});
pref->setWebUISessionTimeout(m_ui->spinSessionTimeout->value());
// Authentication
pref->setWebUiUsername(webUiUsername());
@ -1156,6 +1158,7 @@ void OptionsDialog::loadOptions() @@ -1156,6 +1158,7 @@ void OptionsDialog::loadOptions()
m_ui->checkBypassAuthSubnetWhitelist->setChecked(pref->isWebUiAuthSubnetWhitelistEnabled());
m_ui->IPSubnetWhitelistButton->setEnabled(m_ui->checkBypassAuthSubnetWhitelist->isChecked());
m_ui->spinBanCounter->setValue(pref->getWebUIMaxAuthFailCount());
m_ui->spinBanDuration->setValue(pref->getWebUIBanDuration().count());
m_ui->spinSessionTimeout->setValue(pref->getWebUISessionTimeout());
// Security

49
src/gui/optionsdialog.ui

@ -2987,25 +2987,15 @@ Specify an IPv4 or IPv6 address. You can specify &quot;0.0.0.0&quot; for any IPv @@ -2987,25 +2987,15 @@ Specify an IPv4 or IPv6 address. You can specify &quot;0.0.0.0&quot; for any IPv
</widget>
</item>
<item>
<layout class="QHBoxLayout" name="horizontalLayout_19">
<item>
<layout class="QGridLayout" name="gridLayout_10">
<item row="0" column="0">
<widget class="QLabel" name="lblBanCounter">
<property name="text">
<string>Ban client after consecutive failures:</string>
</property>
</widget>
</item>
<item>
<widget class="QSpinBox" name="spinBanCounter">
<property name="specialValueText">
<string>Never</string>
</property>
<property name="maximum">
<number>2147483647</number>
</property>
</widget>
</item>
<item>
<item row="0" column="2">
<spacer name="horizontalSpacer_15">
<property name="orientation">
<enum>Qt::Horizontal</enum>
@ -3018,6 +3008,39 @@ Specify an IPv4 or IPv6 address. You can specify &quot;0.0.0.0&quot; for any IPv @@ -3018,6 +3008,39 @@ Specify an IPv4 or IPv6 address. You can specify &quot;0.0.0.0&quot; for any IPv
</property>
</spacer>
</item>
<item row="0" column="1">
<widget class="QSpinBox" name="spinBanCounter">
<property name="specialValueText">
<string>Never</string>
</property>
<property name="maximum">
<number>2147483647</number>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QLabel" name="lblBanDuration">
<property name="text">
<string>ban for:</string>
</property>
<property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="QSpinBox" name="spinBanDuration">
<property name="suffix">
<string> sec</string>
</property>
<property name="minimum">
<number>1</number>
</property>
<property name="maximum">
<number>2147483647</number>
</property>
</widget>
</item>
</layout>
</item>
<item>

3
src/webui/api/appcontroller.cpp

@ -233,6 +233,7 @@ void AppController::preferencesAction() @@ -233,6 +233,7 @@ void AppController::preferencesAction()
authSubnetWhitelistStringList << Utils::Net::subnetToString(subnet);
data["bypass_auth_subnet_whitelist"] = authSubnetWhitelistStringList.join("\n");
data["web_ui_max_auth_fail_count"] = pref->getWebUIMaxAuthFailCount();
data["web_ui_ban_duration"] = static_cast<int>(pref->getWebUIBanDuration().count());
data["web_ui_session_timeout"] = pref->getWebUISessionTimeout();
// Use alternative Web UI
data["alternative_webui_enabled"] = pref->isAltWebUiEnabled();
@ -604,6 +605,8 @@ void AppController::setPreferencesAction() @@ -604,6 +605,8 @@ void AppController::setPreferencesAction()
}
if (hasKey("web_ui_max_auth_fail_count"))
pref->setWebUIMaxAuthFailCount(it.value().toInt());
if (hasKey("web_ui_ban_duration"))
pref->setWebUIBanDuration(std::chrono::seconds {it.value().toInt()});
if (hasKey("web_ui_session_timeout"))
pref->setWebUISessionTimeout(it.value().toInt());
// Use alternative Web UI

4
src/webui/api/authcontroller.cpp

@ -36,8 +36,6 @@ @@ -36,8 +36,6 @@
#include "apierror.h"
#include "isessionmanager.h"
constexpr int BAN_TIME = 3600000; // 1 hour
void AuthController::loginAction()
{
if (sessionManager()->session()) {
@ -116,6 +114,6 @@ void AuthController::increaseFailedAttempts() @@ -116,6 +114,6 @@ void AuthController::increaseFailedAttempts()
if (failedLogin.failedAttemptsCount >= Preferences::instance()->getWebUIMaxAuthFailCount()) {
// Max number of failed attempts reached
// Start ban period
failedLogin.banTimer.setRemainingTime(BAN_TIME);
failedLogin.banTimer.setRemainingTime(Preferences::instance()->getWebUIBanDuration());
}
}

6
src/webui/www/private/views/preferences.html

@ -733,6 +733,10 @@ @@ -733,6 +733,10 @@
<td><label for="webUIMaxAuthFailCountInput">QBT_TR(Ban client after consecutive failures:)QBT_TR[CONTEXT=OptionsDialog]</label></td>
<td><input type="number" id="webUIMaxAuthFailCountInput" style="width: 4em;" min="0" /></td>
</tr>
<tr>
<td style="text-align: right;"><label for="webUIBanDurationInput">QBT_TR(ban for:)QBT_TR[CONTEXT=OptionsDialog]</label></td>
<td><input type="number" id="webUIBanDurationInput" style="width: 4em;" min="1" />QBT_TR(seconds)QBT_TR[CONTEXT=OptionsDialog]</td>
</tr>
</table>
<table>
<tr>
@ -1725,6 +1729,7 @@ @@ -1725,6 +1729,7 @@
$('bypass_auth_subnet_whitelist_textarea').setProperty('value', pref.bypass_auth_subnet_whitelist);
updateBypasssAuthSettings();
$('webUIMaxAuthFailCountInput').setProperty('value', pref.web_ui_max_auth_fail_count.toInt());
$('webUIBanDurationInput').setProperty('value', pref.web_ui_ban_duration.toInt());
$('webUISessionTimeoutInput').setProperty('value', pref.web_ui_session_timeout.toInt());
// Use alternative Web UI
@ -2089,6 +2094,7 @@ @@ -2089,6 +2094,7 @@
settings.set('bypass_auth_subnet_whitelist_enabled', $('bypass_auth_subnet_whitelist_checkbox').getProperty('checked'));
settings.set('bypass_auth_subnet_whitelist', $('bypass_auth_subnet_whitelist_textarea').getProperty('value'));
settings.set('web_ui_max_auth_fail_count', $('webUIMaxAuthFailCountInput').getProperty('value'));
settings.set('web_ui_ban_duration', $('webUIBanDurationInput').getProperty('value'));
settings.set('web_ui_session_timeout', $('webUISessionTimeoutInput').getProperty('value'));
// Use alternative Web UI

Loading…
Cancel
Save