feat: ban a user after too many failed attempts

2020-05-19 09:45:11 +08:00
parent 0080e9b4cd
commit c8f0ccf706
5 changed files with 69 additions and 19 deletions
--- a/configuration.example.ini
+++ b/configuration.example.ini
@ -128,8 +128,12 @@ port = 64738
 #web_logfile =

 # 'auth_method': Method used to authenticate users accessing the web interface.
-#                Options are 'none', 'password' or 'token' (use unique token, see requests_webinterface_access command)
+#                Options are 'none', 'password' or 'token' (use unique token, see
+#                requests_webinterface_access command)
+# 'max_attempts': Bad access attempts before being banned. Regenerating a token or
+#                 rebooting the bot will reset this attempts tally.
 #auth_method = token
+#max_attempts = 10

 # 'user', 'password': If auth_method set to 'password', you need to set the username and
 #                     password.