defender: allow to impose a delay between login attempts

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-08 07:10:56 +03:00 · 2024-05-17 20:48:18 +02:00
parent 13513b563b
commit e7f315659f
17 changed files with 174 additions and 82 deletions
--- a/internal/httpd/middleware.go
+++ b/internal/httpd/middleware.go
@@ -440,6 +440,7 @@ func checkAPIKeyAuth(tokenAuth *jwtauth.JWTAuth, scope dataprovider.APIKeyScope)
 						"", http.StatusUnauthorized)
 					return
 				}
+				common.DelayLogin(nil)
 			} else {
 				if k.User != "" {
 					apiUser = k.User
@@ -512,6 +513,7 @@ func authenticateAdminWithAPIKey(username, keyID string, tokenAuth *jwtauth.JWTA
 	}
 	r.Header.Set("Authorization", fmt.Sprintf("Bearer %v", resp["access_token"]))
 	dataprovider.UpdateAdminLastLogin(&admin)
+	common.DelayLogin(nil)
 	return nil
 }