feat: Lockout policy (#2121)

* feat: lock users if lockout policy is set * feat: setup * feat: lock user on password failes * feat: render error * feat: lock user on command side * feat: auth_req tests * feat: lockout policy docs * feat: remove show lockout failures from proto * fix: console lockout * feat: tests * fix: tests * unlock function * add unlock button * fix migration version * lockout policy * lint * Update internal/auth/repository/eventsourcing/eventstore/auth_request.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix: err message * Update internal/command/setup_step4.go Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Silvan <silvan.reusser@gmail.com>
2025-11-15 12:03:04 +00:00 · 2021-08-11 08:36:32 +02:00
parent 272e411e27
commit bc951985ed
101 changed files with 2170 additions and 1574 deletions
--- a/internal/command/setup_step18.go
+++ b/internal/command/setup_step18.go
@@ -0,0 +1,35 @@
+package command
+
+import (
+	"context"
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/domain"
+	"github.com/caos/zitadel/internal/eventstore"
+)
+
+type Step18 struct {
+	LockoutPolicy domain.LockoutPolicy
+}
+
+func (s *Step18) Step() domain.Step {
+	return domain.Step18
+}
+
+func (s *Step18) execute(ctx context.Context, commandSide *Commands) error {
+	return commandSide.SetupStep18(ctx, s)
+}
+
+func (c *Commands) SetupStep18(ctx context.Context, step *Step18) error {
+	fn := func(iam *IAMWriteModel) ([]eventstore.EventPusher, error) {
+		iamAgg := IAMAggregateFromWriteModel(&iam.WriteModel)
+		addedPolicy := NewIAMLockoutPolicyWriteModel()
+		events, err := c.addDefaultLockoutPolicy(ctx, iamAgg, addedPolicy, &step.LockoutPolicy)
+		if err != nil {
+			return nil, err
+		}
+
+		logging.Log("SETUP-3m99ds").Info("default lockout policy set up")
+		return []eventstore.EventPusher{events}, nil
+	}
+	return c.setup(ctx, step, fn)
+}