feat: Lockout policy (#2121)

* feat: lock users if lockout policy is set * feat: setup * feat: lock user on password failes * feat: render error * feat: lock user on command side * feat: auth_req tests * feat: lockout policy docs * feat: remove show lockout failures from proto * fix: console lockout * feat: tests * fix: tests * unlock function * add unlock button * fix migration version * lockout policy * lint * Update internal/auth/repository/eventsourcing/eventstore/auth_request.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix: err message * Update internal/command/setup_step4.go Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Silvan <silvan.reusser@gmail.com>
2025-10-10 03:10:19 +00:00 · 2021-08-11 08:36:32 +02:00
parent 272e411e27
commit bc951985ed
101 changed files with 2170 additions and 1574 deletions
--- a/migrations/cockroach/V1.59__user_lock.sql
+++ b/migrations/cockroach/V1.59__user_lock.sql
@@ -0,0 +1,45 @@
+CREATE TABLE management.lockout_policies (
+      aggregate_id TEXT,
+
+      creation_date TIMESTAMPTZ,
+      change_date TIMESTAMPTZ,
+      lockout_policy_state SMALLINT,
+      sequence BIGINT,
+
+      max_password_attempts BIGINT,
+      show_lockout_failures BOOLEAN,
+
+      PRIMARY KEY (aggregate_id)
+);
+
+CREATE TABLE adminapi.lockout_policies (
+     aggregate_id TEXT,
+
+     creation_date TIMESTAMPTZ,
+     change_date TIMESTAMPTZ,
+     lockout_policy_state SMALLINT,
+     sequence BIGINT,
+
+     max_password_attempts BIGINT,
+     show_lockout_failures BOOLEAN,
+
+     PRIMARY KEY (aggregate_id)
+);
+
+CREATE TABLE auth.lockout_policies (
+       aggregate_id TEXT,
+
+       creation_date TIMESTAMPTZ,
+       change_date TIMESTAMPTZ,
+       lockout_policy_state SMALLINT,
+       sequence BIGINT,
+
+       max_password_attempts BIGINT,
+       show_lockout_failures BOOLEAN,
+
+       PRIMARY KEY (aggregate_id)
+);
+
+DROP TABLE management.password_lockout_policies;
+DROP TABLE adminapi.password_lockout_policies;
+DROP TABLE auth.password_lockout_policies;