diff options
| author | =Corey Hulen <corey@hulen.com> | 2015-07-29 01:26:10 -0800 |
|---|---|---|
| committer | =Corey Hulen <corey@hulen.com> | 2015-07-29 01:26:10 -0800 |
| commit | 9677a9f71777d75f3def0b0cb238050a30ec6a67 (patch) | |
| tree | 8579fae8134ef2167a2cc97d95b0225e8acfdb46 /store/sql_user_store.go | |
| parent | 81e55eb57c367a1403f693712411c0781287ea55 (diff) | |
| download | chat-9677a9f71777d75f3def0b0cb238050a30ec6a67.tar.gz chat-9677a9f71777d75f3def0b0cb238050a30ec6a67.tar.bz2 chat-9677a9f71777d75f3def0b0cb238050a30ec6a67.zip | |
Fixes mm-1355 adds rate limiting apis
Diffstat (limited to 'store/sql_user_store.go')
| -rw-r--r-- | store/sql_user_store.go | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/store/sql_user_store.go b/store/sql_user_store.go index 0228fa308..150b3147a 100644 --- a/store/sql_user_store.go +++ b/store/sql_user_store.go @@ -59,6 +59,8 @@ func (us SqlUserStore) UpgradeSchemaIfNeeded() { } us.CreateColumnIfNotExists("Users", "AuthService", "AuthData", "varchar(32)", "") // for OAuth Client + + us.CreateColumnIfNotExists("Users", "FailedAttempts", "FailedAttempts", "int(11)", "0") } //func (ss SqlStore) CreateColumnIfNotExists(tableName string, columnName string, afterName string, colType string, defaultValue string) bool { @@ -150,6 +152,7 @@ func (us SqlUserStore) Update(user *model.User, allowActiveUpdate bool) StoreCha user.LastActivityAt = oldUser.LastActivityAt user.LastPingAt = oldUser.LastPingAt user.EmailVerified = oldUser.EmailVerified + user.FailedAttempts = oldUser.FailedAttempts if !allowActiveUpdate { user.Roles = oldUser.Roles @@ -265,7 +268,7 @@ func (us SqlUserStore) UpdatePassword(userId, hashedPassword string) StoreChanne updateAt := model.GetMillis() - if _, err := us.GetMaster().Exec("UPDATE Users SET Password = :Password, LastPasswordUpdate = :LastPasswordUpdate, UpdateAt = :UpdateAt WHERE Id = :UserId", map[string]interface{}{"Password": hashedPassword, "LastPasswordUpdate": updateAt, "UpdateAt": updateAt, "UserId": userId}); err != nil { + if _, err := us.GetMaster().Exec("UPDATE Users SET Password = :Password, LastPasswordUpdate = :LastPasswordUpdate, UpdateAt = :UpdateAt, FailedAttempts = 0 WHERE Id = :UserId", map[string]interface{}{"Password": hashedPassword, "LastPasswordUpdate": updateAt, "UpdateAt": updateAt, "UserId": userId}); err != nil { result.Err = model.NewAppError("SqlUserStore.UpdatePassword", "We couldn't update the user password", "id="+userId+", "+err.Error()) } else { result.Data = userId @@ -278,6 +281,25 @@ func (us SqlUserStore) UpdatePassword(userId, hashedPassword string) StoreChanne return storeChannel } +func (us SqlUserStore) UpdateFailedPasswordAttempts(userId string, attempts int) StoreChannel { + storeChannel := make(StoreChannel) + + go func() { + result := StoreResult{} + + if _, err := us.GetMaster().Exec("UPDATE Users SET FailedAttempts = :FailedAttempts WHERE Id = :UserId", map[string]interface{}{"FailedAttempts": attempts, "UserId": userId}); err != nil { + result.Err = model.NewAppError("SqlUserStore.UpdateFailedPasswordAttempts", "We couldn't update the failed_attempts", "user_id="+userId) + } else { + result.Data = userId + } + + storeChannel <- result + close(storeChannel) + }() + + return storeChannel +} + func (us SqlUserStore) Get(id string) StoreChannel { storeChannel := make(StoreChannel) |