Bypass 2FA after successful login #72
@ -190,6 +190,11 @@ impl User {
|
||||
.collect::<Vec<_>>()
|
||||
}
|
||||
|
||||
pub fn remove_outdated_successful_2fa_attempts(&mut self) {
|
||||
self.last_successful_2fa
|
||||
.retain(|_, t| *t + SECOND_FACTOR_EXEMPTION_AFTER_SUCCESSFUL_LOGIN > time());
|
||||
}
|
||||
|
||||
pub fn get_formatted_2fa_successful_logins(&self) -> Vec<Successful2FALogin> {
|
||||
self.last_successful_2fa
|
||||
.iter()
|
||||
@ -301,6 +306,10 @@ impl EntityManager<User> {
|
||||
pub fn save_new_successful_2fa_authentication(&mut self, id: &UserID, ip: IpAddr) -> bool {
|
||||
self.update_user(id, |mut user| {
|
||||
user.last_successful_2fa.insert(ip, time());
|
||||
|
||||
// Remove outdated successful attempts
|
||||
user.remove_outdated_successful_2fa_attempts();
|
||||
|
||||
user
|
||||
})
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user