Open mtrezza opened 5 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Since these are currently internal Parse Server fields (prefixed with _), there may be a change necessary in Parse Server as well. Exposing internal fields is always a sensitive topic, therefore before working on a PR we highly recommend discussing a suggestion for a solution.
In the suggested solution in the above chat, where do I need to change the _account_lockout_expires_at and _failed_login_count values in the code? I am following this and deployed parse datapond ---> https://github.com/parse-community/parse-server#running-parse-server
Below is my sample config file ---> parse-dashboard-config.json

    {
      "apps": [
        {
          "serverURL": "http://IP-address/parse",
          "appId": "MyParseApp",
          "masterKey": "MyMasterKey",
          "readOnlyMasterKey": "123",
          "appName": "MyApp",
          "masterKeyIps": ["127.0.0.1"],
          "accountLockout": {
            "duration": 5,
            "threshold": 3,
            "unlockOnPasswordReset": true
          },
          "passwordPolicy": {
            "validatorPattern": "test",
            "doNotAllowUsername": true,
            "maxPasswordHistory": 5
          }
        }
      ],
      "users": [
        { "user": "test", "pass": "test", "readOnly": true },
        { "user": "test", "pass": "test" }
      ]
    }
Issue
When a user account is locked due to wrong password entered too many times, it cannot easily be unlocked. Customer support may want to unlock the account manually prior to the expiration date, for example upon customer request.
Unlock is currently only possible via edit directly in the database, which is not practicable.
Suggested solution
The field _account_lockout_expires_at should be exposed in the dashboard to be manually deleted. Once the field value is deleted, the value for _failed_login_count becomes irrelevant and may as well continue to exist until it gets updated upon the next failed login attempt.
Alternative solutions
Add a design feature in the dashboard that indicates that a user is locked out and allows unlocking the user with the click of a button. -> more work to implement but provides the same functionality, so maybe a later PR.
Environment Setup
Logs/Trace
-
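As an added example (not code from this issue or from Parse Server), the following simplified model compares the manual unlock suggested above, which deletes only _account_lockout_expires_at, with an unlock that also clears _failed_login_count. The locking rule, the helper names and the reading of duration as minutes are assumptions made for illustration; only the two field names and the threshold/duration values come from this page.

```javascript
// Simplified lockout model (assumption, not Parse Server source code).
// threshold/duration are the values from the config on this page; duration is assumed to be minutes.
const lockoutConfig = { duration: 5, threshold: 3 };

// Hypothetical helper: the account counts as locked while the expiry lies in the future.
function isLocked(user, now) {
  const expires = user._account_lockout_expires_at;
  return expires !== undefined && expires > now;
}

// Hypothetical helper: count one failed login and arm the lock once the threshold is reached.
function recordFailedLogin(user, now, cfg = lockoutConfig) {
  user._failed_login_count = (user._failed_login_count || 0) + 1;
  if (user._failed_login_count >= cfg.threshold) {
    user._account_lockout_expires_at = new Date(now.getTime() + cfg.duration * 60 * 1000);
  }
  return user;
}

// Manual unlock as suggested in the issue: delete only the expiry field.
function unlockExpiryOnly(user) {
  delete user._account_lockout_expires_at;
  return user;
}

// Variant that also clears the stale counter.
function unlockAndResetCount(user) {
  delete user._account_lockout_expires_at;
  delete user._failed_login_count;
  return user;
}

// Constructed scenario: lock a user, unlock with unlockFn, then count how many
// further failed logins it takes until the account is locked again.
function failedAttemptsUntilRelock(unlockFn, cfg = lockoutConfig) {
  const now = new Date('2024-01-01T00:00:00Z'); // constructed timestamp
  const user = { username: 'alice' };           // constructed user record
  for (let i = 0; i < cfg.threshold; i++) recordFailedLogin(user, now, cfg);
  if (!isLocked(user, now)) throw new Error('expected the account to be locked');
  unlockFn(user);
  if (isLocked(user, now)) throw new Error('unlock did not clear the lock');
  let attempts = 0;
  while (!isLocked(user, now)) {
    recordFailedLogin(user, now, cfg);
    attempts++;
  }
  return attempts;
}
```

Under this model, how many further failed logins an unlocked user gets before being locked again depends on whether the counter was cleared along with the expiry, which is worth checking against the server's actual behaviour before choosing which fields the dashboard should expose.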