search

collective / Products.LoginLockout

Prevents endless login attempts in Plone, making it more secure.
https://pypi.python.org/pypi/Products.LoginLockout
2 stars 7 forks source link

storage of attempts in root plugin can lockout users of other plone sites. #25

Closed djay closed 3 years ago

djay commented 6 years ago

It appears the code stores the data in the root plugin which is not correct since local usernames are used as a key. It would also be expected on uninstall that the data would be removed too.

djay commented 3 years ago

duplicate of #30