revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-25 00:02:41 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/auth/factor
History
epriestley 0449a07f53 Add bin/auth unlimit and clean up a TODO 
Summary:
I stumbled across this TODO and was worried that there was a glaring hole in MFA that I'd somehow forgotten about, but the TODO is just out of date.

These actions are rate limited properly by `PhabricatorAuthTryFactorAction`, which permits a maximum of 10 actions per hour.

  - Remove the TODO.
  - Add `bin/auth unlimit` to make it easier to reset rate limits if someone needs to do that for whatever reason.

Test Plan:
  - Tried to brute force through MFA.
  - Got rate limited properly after 10 failures.
  - Reset rate limit with `bin/auth unlimit`.
  - Saw the expected number of actions clear.

{F805288}

Reviewers: chad

Reviewed By: chad

Subscribers: joshuaspence

Differential Revision: https://secure.phabricator.com/D14105
2015-09-14 07:03:39 -07:00
..
__tests__ Add a bunch of tests for subclass implementations 2015-06-15 18:13:27 +10:00
PhabricatorAuthFactor.php Use PhutilClassMapQuery 2015-07-07 22:51:57 +10:00
PhabricatorTOTPAuthFactor.php Add bin/auth unlimit and clean up a TODO 2015-09-14 07:03:39 -07:00