CC-2789: Prevent brue-force password guessing attacks

- add recaptcha on login page
2011-09-13 14:16:16 -04:00 · 2011-09-13 14:16:16 -04:00 · f25304bcb7
commit f25304bcb7
parent e6f7640c90
20 changed files with 2083 additions and 58 deletions
--- a/airtime_mvc/build/sql/schema.sql
+++ b/airtime_mvc/build/sql/schema.sql
@ -434,6 +434,7 @@ CREATE TABLE "cc_subjs"
 	"skype_contact" VARCHAR(255),
 	"jabber_contact" VARCHAR(255),
 	"email" VARCHAR(255),
+	"login_attempts" INTEGER default 0,
 	PRIMARY KEY ("id"),
 	CONSTRAINT "cc_subjs_id_idx" UNIQUE ("id"),
 	CONSTRAINT "cc_subjs_login_idx" UNIQUE ("login")
@ -479,6 +480,24 @@ CREATE TABLE "cc_stream_setting"
 COMMENT ON TABLE "cc_stream_setting" IS '';


+SET search_path TO public;
+-----------------------------------------------------------------------------
+-- cc_login_attempts
+-----------------------------------------------------------------------------
+
+DROP TABLE "cc_login_attempts" CASCADE;
+
+
+CREATE TABLE "cc_login_attempts"
+(
+	"ip" VARCHAR(32)  NOT NULL,
+	"attempts" INTEGER default 0,
+	PRIMARY KEY ("ip")
+);
+
+COMMENT ON TABLE "cc_login_attempts" IS '';
+
+
 SET search_path TO public;
 ALTER TABLE "cc_access" ADD CONSTRAINT "cc_access_owner_fkey" FOREIGN KEY ("owner") REFERENCES "cc_subjs" ("id");