pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Bypass 2FA after successful login #72

Merged
pierre merged 6 commits from bypass_2fa_after_successful_login into master 2022-11-12 11:21:34 +00:00
Conversation 0 Commits 6 Files Changed 13 +9
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 1fa36c0aff - Show all commits

9
src/data/user.rs
View File

@ -190,6 +190,11 @@ impl User {
.collect::<Vec<_>>()
}
pub fn remove_outdated_successful_2fa_attempts(&mut self) {
self.last_successful_2fa
.retain(|_, t| *t + SECOND_FACTOR_EXEMPTION_AFTER_SUCCESSFUL_LOGIN > time());
}
pub fn get_formatted_2fa_successful_logins(&self) -> Vec<Successful2FALogin> {
self.last_successful_2fa
.iter()
@ -301,6 +306,10 @@ impl EntityManager<User> {
pub fn save_new_successful_2fa_authentication(&mut self, id: &UserID, ip: IpAddr) -> bool {
self.update_user(id, |mut user| {
user.last_successful_2fa.insert(ip, time());
// Remove outdated successful attempts
user.remove_outdated_successful_2fa_attempts();
user
})
}