Project

General

Profile

Actions
Copy link

Feature #26887

closed

graphql login: count login failures as brute force attempts

Added by Timo Goebel almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Timo Goebel
Category:
API
Target version:
1.23.0
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/6799
Fixed in Releases:
1.23.0
Found in Releases:
Red Hat JIRA:

Description

In #26487 a graphql mutation was added that allows users to sign in via username/password. The user is then issued a JWT token. Failed login attempts at this mutation should count as bruteforce attemps as with the login form.

Related issues 2 (0 open2 closed)

Related to Foreman - Feature #26487: add graphql jwt login mutationClosedTimo GoebelActions
Related to Foreman - Bug #28860: Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit'ClosedDominik MatoulekActions
Actions
Copy link
 #1

Updated by Timo Goebel almost 5 years ago

Actions
Copy link
 #2

Updated by The Foreman Bot almost 5 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/6799 added
Actions
Copy link
 #3

Updated by Tomer Brisker almost 5 years ago

  • Fixed in Releases 1.23.0 added
Actions
Copy link
 #4

Updated by Timo Goebel almost 5 years ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link
 #5

Updated by Tomer Brisker about 4 years ago

  • Related to Bug #28860: Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit' added
Actions
Copy link

Also available in: Atom PDF