@ -41,9 +41,8 @@ def login():
response = flask.redirect(destination)
response = flask.redirect(destination)
response.set_cookie('rate_limit', utils.limiter.device_cookie(username), max_age=31536000, path=flask.url_for('sso.login'), secure=app.config['SESSION_COOKIE_SECURE'], httponly=True)
response.set_cookie('rate_limit', utils.limiter.device_cookie(username), max_age=31536000, path=flask.url_for('sso.login'), secure=app.config['SESSION_COOKIE_SECURE'], httponly=True)
flask.current_app.logger.info(f'Login succeeded for {username} from {client_ip} pwned={form.pwned.data}.')
flask.current_app.logger.info(f'Login succeeded for {username} from {client_ip} pwned={form.pwned.data}.')
breaches = int(form.pwned.data)
if msg := utils.isBadOrPwned(form):
if breaches > 0:
flask.flash(msg, "error")
flask.flash(f"Your password appears in {breaches} data breaches! Please change it.", "error")
return response
return response
else:
else:
utils.limiter.rate_limit_user(username, client_ip, device_cookie, device_cookie_username) if models.User.get(username) else utils.limiter.rate_limit_ip(client_ip)
utils.limiter.rate_limit_user(username, client_ip, device_cookie, device_cookie_username) if models.User.get(username) else utils.limiter.rate_limit_ip(client_ip)
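Review bot: `utils.isBadOrPwned(form)` runs after the redirect and the `rate_limit` cookie are already built, and nothing in this hunk shows how `form.pwned.data` is parsed any more, so the helper has to cope with a missing or non-numeric value on its own. That field arrives with the login form and is presumably client-controlled; the helper's body is not visible here, so confirm it returns a falsy value instead of raising, otherwise a malformed value would turn an accepted login into an error. The unchanged `logger.info` line still interpolates the raw field, which may let a client place arbitrary text into the authentication log; `pwned={form.pwned.data!r}` or logging the parsed result would avoid that. A comment above the call such as `# form.pwned is client-supplied; isBadOrPwned must tolerate missing/non-numeric input` would record the assumption. `login()` starts and continues outside this hunk.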
|
|
|
|