Prevent brute force login attack

author: Chocobozzz <me@florianbigard.com> 2018-03-29 10:58:24 +0200
committer: Chocobozzz <me@florianbigard.com> 2018-03-29 11:03:30 +0200
commit: 490b595a01c5824ff63ffb87f0efdfca95f4bf3b (patch)
tree: 3ad716fbb97a8b4ee946ad907202b82934a33d7c /client/src/app/shared
parent: 23f4c3d412974fa5fda52589d1192e098e260f1a (diff)
download: PeerTube-490b595a01c5824ff63ffb87f0efdfca95f4bf3b.tar.gz
PeerTube-490b595a01c5824ff63ffb87f0efdfca95f4bf3b.tar.zst
PeerTube-490b595a01c5824ff63ffb87f0efdfca95f4bf3b.zip
1 files changed, 22 insertions, 14 deletions
diff --git a/client/src/app/shared/rest/rest-extractor.service.ts b/client/src/app/shared/rest/rest-extractor.service.ts
index ad08a32f8..b1e22a76c 100644
--- a/client/src/app/shared/rest/rest-extractor.service.ts
+++ b/client/src/app/shared/rest/rest-extractor.service.ts
@@ -42,25 +42,33 @@ export class RestExtractor {
      console.error('An error occurred:', errorMessage)
    } else if (err.status !== undefined) {
      // A server-side error occurred.
-      if (err.error) {
+      if (err.error && err.error.errors) {
-        if (err.error.errors) {
+        const errors = err.error.errors
-          const errors = err.error.errors
+        const errorsArray: string[] = []
-          const errorsArray: string[] = []
+        Object.keys(errors).forEach(key => {
-          Object.keys(errors).forEach(key => {
+          errorsArray.push(errors[key].msg)
-            errorsArray.push(errors[key].msg)
+        })
-          })
+        errorMessage = errorsArray.join('. ')
-          errorMessage = errorsArray.join('. ')
+      } else if (err.error && err.error.error) {
-        } else if (err.error.error) {
+        errorMessage = err.error.error
-          errorMessage = err.error.error
-        }
      } else if (err.status === 413) {
        errorMessage = 'Request is too large for the server. Please contact you administrator if you want to increase the limit size.'
+      } else if (err.status === 429) {
+        const secondsLeft = err.headers.get('retry-after')
+        if (secondsLeft) {
+          const minutesLeft = Math.floor(parseInt(secondsLeft, 10) / 60)
+          errorMessage = 'Too many attempts, please try again after ' + minutesLeft + ' minutes.'
+        } else {
+          errorMessage = 'Too many attempts, please try again later.'
+        }
+      } else if (err.status === 500) {
+        errorMessage = 'Server error. Please retry later.'
      }
      errorMessage = errorMessage ? errorMessage : 'Unknown error.'
-      console.error(`Backend returned code ${err.status}, body was: ${errorMessage}`)
+      console.error(`Backend returned code ${err.status}, errorMessage is: ${errorMessage}`)
    } else {
      errorMessage = err
    }
author	Chocobozzz <me@florianbigard.com>	2018-03-29 10:58:24 +0200
committer	Chocobozzz <me@florianbigard.com>	2018-03-29 11:03:30 +0200
commit	490b595a01c5824ff63ffb87f0efdfca95f4bf3b (patch)
tree	3ad716fbb97a8b4ee946ad907202b82934a33d7c /client/src/app/shared
parent	23f4c3d412974fa5fda52589d1192e098e260f1a (diff)
download	PeerTube-490b595a01c5824ff63ffb87f0efdfca95f4bf3b.tar.gz PeerTube-490b595a01c5824ff63ffb87f0efdfca95f4bf3b.tar.zst PeerTube-490b595a01c5824ff63ffb87f0efdfca95f4bf3b.zip

diff --git a/client/src/app/shared/rest/rest-extractor.service.ts b/client/src/app/shared/rest/rest-extractor.service.ts index ad08a32f8..b1e22a76c 100644 --- a/client/src/app/shared/rest/rest-extractor.service.ts +++ b/client/src/app/shared/rest/rest-extractor.service.ts
@@ -42,25 +42,33 @@ export class RestExtractor {
42	console.error('An error occurred:', errorMessage)	42	console.error('An error occurred:', errorMessage)
43	} else if (err.status !== undefined) {	43	} else if (err.status !== undefined) {
44	// A server-side error occurred.	44	// A server-side error occurred.
45	if (err.error) {	45	if (err.error && err.error.errors) {
46	if (err.error.errors) {	46	const errors = err.error.errors
47	const errors = err.error.errors	47	const errorsArray: string[] = []
48	const errorsArray: string[] = []	48
49		49	Object.keys(errors).forEach(key => {
50	Object.keys(errors).forEach(key => {	50	errorsArray.push(errors[key].msg)
51	errorsArray.push(errors[key].msg)	51	})
52	})	52
53		53	errorMessage = errorsArray.join('. ')
54	errorMessage = errorsArray.join('. ')	54	} else if (err.error && err.error.error) {
55	} else if (err.error.error) {	55	errorMessage = err.error.error
56	errorMessage = err.error.error
57	}
58	} else if (err.status === 413) {	56	} else if (err.status === 413) {
59	errorMessage = 'Request is too large for the server. Please contact you administrator if you want to increase the limit size.'	57	errorMessage = 'Request is too large for the server. Please contact you administrator if you want to increase the limit size.'
		58	} else if (err.status === 429) {
		59	const secondsLeft = err.headers.get('retry-after')
		60	if (secondsLeft) {
		61	const minutesLeft = Math.floor(parseInt(secondsLeft, 10) / 60)
		62	errorMessage = 'Too many attempts, please try again after ' + minutesLeft + ' minutes.'
		63	} else {
		64	errorMessage = 'Too many attempts, please try again later.'
		65	}
		66	} else if (err.status === 500) {
		67	errorMessage = 'Server error. Please retry later.'
60	}	68	}
61		69
62	errorMessage = errorMessage ? errorMessage : 'Unknown error.'	70	errorMessage = errorMessage ? errorMessage : 'Unknown error.'
63	console.error(`Backend returned code ${err.status}, body was: ${errorMessage}`)	71	console.error(`Backend returned code ${err.status}, errorMessage is: ${errorMessage}`)
64	} else {	72	} else {
65	errorMessage = err	73	errorMessage = err
66	}	74	}