owncloud / brute_force_protection

Brute-force protection app for ownCloud
GNU General Public License v2.0

Log of blocking a user #204

Closed prsnbrg closed 1 year ago

prsnbrg commented 1 year ago

Fix #200

Please test and modify the log message if necessary.

The initial log message of a failed login is generated by: https://github.com/owncloud/core/blob/master/lib/private/User/Manager.php#L272

phil-davis commented 1 year ago

Looks good. I tried to log in as "harry" 4 times using a wrong password. After the 4th attempt I got the "Too many failed login attempts" message in the log file. I tried to log in again as "harry" with the correct password, and it still gives the "Too many failed login attempts" message - good. I logged in as a different user and that works - good.

$ cat data/owncloud.log | grep "Too many"
{"reqId":"PKsJqVThKn3W60LgUTX3","level":2,"time":"2023-05-16T11:17:01+00:00","remoteAddr":"192.168.0.13","user":"--","app":"brute_force_protection","method":"POST","url":"\/index.php\/login?user=harry","message":"User 'harry' is blocked for  5 minutes. Too many failed login attempts"}
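
The log entry above leaves the JSON `user` field as `--`, so the blocked account name is only available inside `message`. As an added example (not part of this pull request or the app's code), the following parses `owncloud.log` lines into structured block events and groups blocked accounts by source address. The message pattern is an assumption taken from the single line quoted above, and the function names are hypothetical.

```python
import json
import re
from collections import defaultdict

# Assumption: wording taken from the one log line quoted in this thread.
# Greedy match plus DOTALL keeps usernames containing quotes or newlines intact.
BLOCK_RE = re.compile(
    r"^User '(?P<user>.*)' is blocked for\s+(?P<minutes>\d+) minutes\. "
    r"Too many failed login attempts$",
    re.DOTALL,
)

# First entry is the line quoted in the thread; the others are constructed.
SAMPLE_LOG = r"""
{"reqId":"PKsJqVThKn3W60LgUTX3","level":2,"time":"2023-05-16T11:17:01+00:00","remoteAddr":"192.168.0.13","user":"--","app":"brute_force_protection","method":"POST","url":"\/index.php\/login?user=harry","message":"User 'harry' is blocked for  5 minutes. Too many failed login attempts"}
{"reqId":"constructed-2","level":2,"time":"2023-05-16T11:19:40+00:00","remoteAddr":"192.168.0.13","user":"--","app":"brute_force_protection","message":"User 'o'brien' is blocked for  5 minutes. Too many failed login attempts"}
{"reqId":"constructed-3","level":2,"time":"2023-05-16T11:20:02+00:00","remoteAddr":"192.168.0.13","user":"--","app":"core","message":"constructed unrelated entry"}
PHP Warning: constructed non-JSON line
""".strip().splitlines()

def parse_block_events(lines):
    """Return one dict per brute_force_protection block message."""
    events = []
    for line in lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines instead of aborting
        if not isinstance(entry, dict) or entry.get("app") != "brute_force_protection":
            continue
        m = BLOCK_RE.match(str(entry.get("message", "")))
        if m:
            events.append({
                "time": entry.get("time"),
                "remote_addr": entry.get("remoteAddr"),
                "user": m["user"],  # taken from the message; the "user" field is "--"
                "minutes": int(m["minutes"]),
            })
    return events

def blocked_users_by_address(events):
    """Map each source address to the sorted list of accounts it got blocked."""
    by_addr = defaultdict(set)
    for ev in events:
        by_addr[ev["remote_addr"]].add(ev["user"])
    return {addr: sorted(users) for addr, users in by_addr.items()}

if __name__ == "__main__":
    print(blocked_users_by_address(parse_block_events(SAMPLE_LOG)))
```

One address that gets several different accounts blocked is worth a closer look than a single user mistyping a password.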

phil-davis commented 1 year ago

@jvillafanez @jnweiger please review.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 1 Code Smell

0.0% Coverage
0.0% Duplication