Project

General

Profile

Feature #26887

graphql login: count login failures as brute force attempts

Added by Timo Goebel about 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
API
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

In #26487 a graphql mutation was added that allows users to sign in via username/password. The user is then issued a JWT token. Failed login attempts at this mutation should count as bruteforce attemps as with the login form.


Related issues

Related to Foreman - Feature #26487: add graphql jwt login mutationClosed
Related to Foreman - Bug #28860: Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit'Closed

Associated revisions

Revision 601b910f (diff)
Added by Timo Goebel almost 4 years ago

fixes #26887 - graphql login: count bruteforce attempts

History

#1 Updated by Timo Goebel about 4 years ago

#2 Updated by The Foreman Bot about 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/6799 added

#3 Updated by Tomer Brisker almost 4 years ago

  • Fixed in Releases 1.23.0 added

#4 Updated by Timo Goebel almost 4 years ago

  • Status changed from Ready For Testing to Closed

#5 Updated by Tomer Brisker over 3 years ago

  • Related to Bug #28860: Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit' added

Also available in: Atom PDF