Bypass 2FA after successful login #72
@ -190,6 +190,11 @@ impl User {
|
|||||||
.collect::<Vec<_>>()
|
.collect::<Vec<_>>()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn remove_outdated_successful_2fa_attempts(&mut self) {
|
||||||
|
self.last_successful_2fa
|
||||||
|
.retain(|_, t| *t + SECOND_FACTOR_EXEMPTION_AFTER_SUCCESSFUL_LOGIN > time());
|
||||||
|
}
|
||||||
|
|
||||||
pub fn get_formatted_2fa_successful_logins(&self) -> Vec<Successful2FALogin> {
|
pub fn get_formatted_2fa_successful_logins(&self) -> Vec<Successful2FALogin> {
|
||||||
self.last_successful_2fa
|
self.last_successful_2fa
|
||||||
.iter()
|
.iter()
|
||||||
@ -301,6 +306,10 @@ impl EntityManager<User> {
|
|||||||
pub fn save_new_successful_2fa_authentication(&mut self, id: &UserID, ip: IpAddr) -> bool {
|
pub fn save_new_successful_2fa_authentication(&mut self, id: &UserID, ip: IpAddr) -> bool {
|
||||||
self.update_user(id, |mut user| {
|
self.update_user(id, |mut user| {
|
||||||
user.last_successful_2fa.insert(ip, time());
|
user.last_successful_2fa.insert(ip, time());
|
||||||
|
|
||||||
|
// Remove outdated successful attempts
|
||||||
|
user.remove_outdated_successful_2fa_attempts();
|
||||||
|
|
||||||
user
|
user
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user