			
		
		
		
	 bc951985ed
			
		
	
	bc951985ed
	
	
	
		
			
			* feat: lock users if lockout policy is set * feat: setup * feat: lock user on password failes * feat: render error * feat: lock user on command side * feat: auth_req tests * feat: lockout policy docs * feat: remove show lockout failures from proto * fix: console lockout * feat: tests * fix: tests * unlock function * add unlock button * fix migration version * lockout policy * lint * Update internal/auth/repository/eventsourcing/eventstore/auth_request.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix: err message * Update internal/command/setup_step4.go Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Silvan <silvan.reusser@gmail.com>
		
			
				
	
	
		
		
	
	
	
	
	
| package policy
 | |
| 
 | |
| import (
 | |
| 	"encoding/json"
 | |
| 	"github.com/caos/zitadel/internal/eventstore"
 | |
| 
 | |
| 	"github.com/caos/zitadel/internal/errors"
 | |
| 	"github.com/caos/zitadel/internal/eventstore/repository"
 | |
| )
 | |
| 
 | |
// Event type identifiers for the three lockout-policy events defined in this
// file (added, changed, removed).
// NOTE(review): presumably these strings are stored with each event and used
// to pick the matching mapper, so renaming one would orphan existing events —
// confirm against the eventstore before changing a value.
const (
	// LockoutPolicyAddedEventType marks the creation of a lockout policy.
	LockoutPolicyAddedEventType = "policy.lockout.added"
	// LockoutPolicyChangedEventType marks a modification of a lockout policy.
	LockoutPolicyChangedEventType = "policy.lockout.changed"
	// LockoutPolicyRemovedEventType marks the removal of a lockout policy.
	LockoutPolicyRemovedEventType = "policy.lockout.removed"
)
 | |
| 
 | |
// LockoutPolicyAddedEvent is the payload of a "lockout policy added" event.
// The embedded BaseEvent is tagged `json:"-"`, so only the two policy fields
// below are part of the serialized JSON.
type LockoutPolicyAddedEvent struct {
	eventstore.BaseEvent `json:"-"`

	// MaxPasswordAttempts is the failed-password threshold of the policy.
	// Because of omitempty a value of 0 is left out of the JSON and decodes
	// back to 0.
	// NOTE(review): whether 0 means "never lock" is decided by the consumers
	// of this event, not here — confirm before relying on it.
	MaxPasswordAttempts uint64 `json:"maxPasswordAttempts,omitempty"`
	// ShowLockOutFailures is stored as given; false is omitted from the JSON.
	// NOTE(review): presumably this controls whether lockout details are shown
	// to the person logging in. Exposing lockout state to unauthenticated
	// callers can reveal which accounts exist — confirm how readers use it.
	ShowLockOutFailures bool `json:"showLockOutFailures,omitempty"`
}
 | |
| 
 | |
// Data returns the event itself as the payload. When it is JSON-encoded only
// the policy fields appear, because the embedded BaseEvent is tagged
// `json:"-"`.
func (e *LockoutPolicyAddedEvent) Data() interface{} {
	return e
}
 | |
| 
 | |
// UniqueConstraints always returns nil: adding a lockout policy declares no
// unique constraints.
func (e *LockoutPolicyAddedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
 | |
| 
 | |
// NewLockoutPolicyAddedEvent builds the "lockout policy added" event from the
// given base event and policy values.
//
// base is dereferenced and copied by value, so it must not be nil. The values
// are stored as passed; no range or sanity check is applied to maxAttempts
// here, so any validation has to happen in the caller.
func NewLockoutPolicyAddedEvent(
	base *eventstore.BaseEvent,
	maxAttempts uint64,
	showLockOutFailures bool,
) *LockoutPolicyAddedEvent {
	added := new(LockoutPolicyAddedEvent)
	added.BaseEvent = *base
	added.MaxPasswordAttempts = maxAttempts
	added.ShowLockOutFailures = showLockOutFailures
	return added
}
 | |
| 
 | |
// LockoutPolicyAddedEventMapper turns a stored repository event into a
// LockoutPolicyAddedEvent by decoding event.Data as JSON.
//
// json.Unmarshal leaves fields that are absent from the payload at their zero
// value and ignores unknown keys, so a payload of "{}" yields a policy with
// MaxPasswordAttempts == 0 and ShowLockOutFailures == false. A payload that is
// not valid JSON is reported as an internal error with ID "POLIC-8XiVd".
func LockoutPolicyAddedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	added := &LockoutPolicyAddedEvent{
		BaseEvent: *eventstore.BaseEventFromRepo(event),
	}
	if err := json.Unmarshal(event.Data, added); err != nil {
		return nil, errors.ThrowInternal(err, "POLIC-8XiVd", "unable to unmarshal policy")
	}
	return added, nil
}
 | |
| 
 | |
// LockoutPolicyChangedEvent is the payload of a "lockout policy changed"
// event. Both fields are pointers: a nil pointer is omitted from the JSON
// (omitempty), while a pointer to 0 or false is still serialized, so
// "set to zero" and "not changed" remain distinguishable.
type LockoutPolicyChangedEvent struct {
	eventstore.BaseEvent `json:"-"`

	// MaxPasswordAttempts is the new failed-password threshold, or nil when the
	// change does not touch it.
	MaxPasswordAttempts *uint64 `json:"maxPasswordAttempts,omitempty"`
	// ShowLockOutFailures is the new value of the flag, or nil when the change
	// does not touch it.
	ShowLockOutFailures *bool `json:"showLockOutFailures,omitempty"`
}
 | |
| 
 | |
// Data returns the event itself as the payload. Only fields whose pointer is
// non-nil end up in the JSON encoding.
func (e *LockoutPolicyChangedEvent) Data() interface{} {
	return e
}
 | |
| 
 | |
// UniqueConstraints always returns nil: changing a lockout policy declares no
// unique constraints.
func (e *LockoutPolicyChangedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
 | |
| 
 | |
// NewLockoutPolicyChangedEvent builds a "lockout policy changed" event and
// applies every entry of changes to it, in slice order.
//
// An empty or nil changes slice is rejected with a precondition-failed error
// (ID "POLICY-sdgh6") before base is touched. Otherwise base is dereferenced
// and copied, so it must not be nil; the entries of changes are called
// unconditionally, so none of them may be nil either.
func NewLockoutPolicyChangedEvent(
	base *eventstore.BaseEvent,
	changes []LockoutPolicyChanges,
) (*LockoutPolicyChangedEvent, error) {
	if len(changes) == 0 {
		return nil, errors.ThrowPreconditionFailed(nil, "POLICY-sdgh6", "Errors.NoChangesFound")
	}

	changed := &LockoutPolicyChangedEvent{BaseEvent: *base}
	for i := range changes {
		changes[i](changed)
	}
	return changed, nil
}
 | |
| 
 | |
// LockoutPolicyChanges is a mutator that sets one or more fields on a
// LockoutPolicyChangedEvent while the event is being built.
type LockoutPolicyChanges func(event *LockoutPolicyChangedEvent)
 | |
| 
 | |
// ChangeMaxAttempts returns a mutator that records maxAttempts as the new
// MaxPasswordAttempts of a changed event.
//
// The event receives a pointer to this call's own copy of maxAttempts; every
// event the returned function is applied to shares that same pointer. The
// value is not validated here, so 0 is accepted and serialized like any other
// number.
func ChangeMaxAttempts(maxAttempts uint64) func(*LockoutPolicyChangedEvent) {
	apply := func(changed *LockoutPolicyChangedEvent) {
		changed.MaxPasswordAttempts = &maxAttempts
	}
	return apply
}
 | |
| 
 | |
// ChangeShowLockOutFailures returns a mutator that records showLockOutFailures
// as the new ShowLockOutFailures value of a changed event.
//
// The event receives a pointer to this call's own copy of the flag, so an
// explicit false is kept (non-nil pointer) rather than treated as "unchanged".
func ChangeShowLockOutFailures(showLockOutFailures bool) func(*LockoutPolicyChangedEvent) {
	apply := func(changed *LockoutPolicyChangedEvent) {
		changed.ShowLockOutFailures = &showLockOutFailures
	}
	return apply
}
 | |
| 
 | |
// LockoutPolicyChangedEventMapper turns a stored repository event into a
// LockoutPolicyChangedEvent by decoding event.Data as JSON.
//
// Keys missing from the payload leave the corresponding pointer nil, which
// readers can treat as "field not changed". A payload that is not valid JSON
// is reported as an internal error with ID "POLIC-lWGRc".
func LockoutPolicyChangedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	changed := &LockoutPolicyChangedEvent{
		BaseEvent: *eventstore.BaseEventFromRepo(event),
	}
	if err := json.Unmarshal(event.Data, changed); err != nil {
		return nil, errors.ThrowInternal(err, "POLIC-lWGRc", "unable to unmarshal policy")
	}
	return changed, nil
}
 | |
| 
 | |
// LockoutPolicyRemovedEvent records that a lockout policy was removed. It has
// no fields of its own; the embedded BaseEvent is excluded from JSON.
type LockoutPolicyRemovedEvent struct {
	eventstore.BaseEvent `json:"-"`
}
 | |
| 
 | |
// Data returns nil: a removal event carries no payload.
func (e *LockoutPolicyRemovedEvent) Data() interface{} {
	return nil
}
 | |
| 
 | |
// UniqueConstraints always returns nil: removing a lockout policy declares no
// unique constraints.
func (e *LockoutPolicyRemovedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
 | |
| 
 | |
// NewLockoutPolicyRemovedEvent builds the "lockout policy removed" event from
// the given base event. base is dereferenced and copied by value, so it must
// not be nil.
func NewLockoutPolicyRemovedEvent(base *eventstore.BaseEvent) *LockoutPolicyRemovedEvent {
	removed := new(LockoutPolicyRemovedEvent)
	removed.BaseEvent = *base
	return removed
}
 | |
| 
 | |
// LockoutPolicyRemovedEventMapper turns a stored repository event into a
// LockoutPolicyRemovedEvent. event.Data is not read, and the returned error is
// always nil.
func LockoutPolicyRemovedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	removed := &LockoutPolicyRemovedEvent{
		BaseEvent: *eventstore.BaseEventFromRepo(event),
	}
	return removed, nil
}
 |