blob: 988668fccb4ba43ed523fab26d6daf0074a2ecd6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
package regulation
import (
"context"
"net"
"time"
"github.com/sirupsen/logrus"
"github.com/authelia/authelia/v4/internal/clock"
"github.com/authelia/authelia/v4/internal/configuration/schema"
"github.com/authelia/authelia/v4/internal/storage"
)
// Regulator an authentication regulator preventing attackers to brute force the service.
type Regulator struct {
users bool
ips bool
config schema.Regulation
store storage.RegulatorProvider
clock clock.Provider
}
// Context represents a regulator context.
type Context interface {
context.Context
MetricsRecorder
GetLogger() *logrus.Entry
RemoteIP() (ip net.IP)
}
// MetricsRecorder represents the methods used to record regulation.
type MetricsRecorder interface {
RecordAuthn(success, banned bool, authType string)
}
// NewBan constructs a friendly version of ban information for easy formatting.
func NewBan(ban BanType, value string, expires *time.Time) *Ban {
return &Ban{
ban: ban,
value: value,
expires: expires,
}
}
type Ban struct {
ban BanType
value string
expires *time.Time
}
func (b *Ban) IsBanned() bool {
return b.Type() != BanTypeNone
}
func (b *Ban) Value() string {
if b == nil {
return ""
}
return b.value
}
func (b *Ban) Type() BanType {
if b == nil {
return BanTypeNone
}
return b.ban
}
func (b *Ban) Expires() *time.Time {
if b == nil {
return nil
}
return b.expires
}
func (b *Ban) FormatExpires() string {
if b == nil || b.expires == nil {
FormatExpiresLong(nil)
}
return FormatExpiresLong(b.expires)
}
type BanType int
const (
BanTypeNone BanType = iota
BanTypeIP
BanTypeUser
)
|
