nextcloud / bruteforcesettings

🕵 Allow admins to configure the brute force settings
https://apps.nextcloud.com/apps/bruteforcesettings
GNU Affero General Public License v3.0

View status of an IP address from web UI #560

Open joshtrichards opened 8 months ago

joshtrichards commented 8 months ago

Goal

Allow an admin to specify an IP address of interest in the Web UI to look up its BFP status and view a summary of its attempts history.

Details

An existing command (occ security:bruteforce:attempts) already provides this capability from the command-line. The same information should be available from the web UI (via the BFP settings app) for ease of day-to-day access by admins that prefer the Web UI (or that lack command-line access).

The operator will only need to specify the IP address of interest in order to query the details desired.

Implementation

No changes in the BFP implementation itself are required (i.e. this enhancement will not touch server). All changes will take place in the bruteforcesettings app itself.

Existing occ command (model)

The existing occ command is implemented in https://github.com/nextcloud/server/blob/master/core/Command/Security/BruteforceAttempts.php.

Output of `occ security:bruteforce:attempts --help`
```
Description:
  lists bruteforce attempts for given IP address

Usage:
  security:bruteforce:attempts [options] [--] <ipaddress> [<action>]

Arguments:
  ipaddress              IP address for which the attempts are to be listed
  action                 Only count attempts for the given action
```

Example current output from occ security:bruteforce:attempts <IP_address> includes:

  - bypass-listed: false
  - attempts: 5
  - delay: 3200

How the output changes can be easily tested by entering an invalid password several times in a row and monitoring how the output changes. This same information should be presented in the web UI, albeit in a more "web UI appropriate" manner.

If needed for additional context, refer to the utilized public and private APIs.

Probably out of scope:

Out of scope:

Commifreak commented 1 month ago

+1

would be awesome to see all current entries within the webui