authorChocobozzz <me@florianbigard.com>2018-03-29 10:58:24 +0200
committerChocobozzz <me@florianbigard.com>2018-03-29 11:03:30 +0200
commit490b595a01c5824ff63ffb87f0efdfca95f4bf3b (patch)
tree3ad716fbb97a8b4ee946ad907202b82934a33d7c /server/initializers
parent23f4c3d412974fa5fda52589d1192e098e260f1a (diff)
Prevent brute force login attack
Diffstat (limited to 'server/initializers')
-rw-r--r--server/initializers/checker.ts1
-rw-r--r--server/initializers/constants.ts9
-rw-r--r--server/initializers/installer.ts2
3 files changed, 11 insertions, 1 deletions
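--- a/server/initializers/checker.ts
+++ b/server/initializers/checker.ts
@@ -20,6 +20,7 @@ function checkConfig () {
 function checkMissedConfig () {
  const required = [ 'listen.port',
  'webserver.https', 'webserver.hostname', 'webserver.port',
+ 'trust_proxy',
  'database.hostname', 'database.port', 'database.suffix', 'database.username', 'database.password',
  'redis.hostname', 'redis.port', 'redis.auth',
  'smtp.hostname', 'smtp.port', 'smtp.username', 'smtp.password', 'smtp.tls', 'smtp.from_address',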
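Review bot: The new `'trust_proxy'` entry in the `required` list only guarantees that the key is present; nothing in this hunk checks what it contains. Given the commit's purpose, the value presumably decides which proxies' forwarded-for headers are believed when the client address is derived, so an over-broad list would let a client pick the address it is counted under, while a list that omits the real reverse proxy would count every user under the proxy's address. I would add a comment beside the entry, e.g. `// trust_proxy: only your own reverse proxies; the login rate limit depends on the client IP derived from it`, and validate the entries at startup. The `required` array continues past the end of the hunk.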
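--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -127,6 +127,7 @@ const CONFIG = {
  URL: '',
  HOST: ''
  },
+ TRUST_PROXY: config.get<string[]>('trust_proxy'),
  LOG: {
  LEVEL: config.get<string>('log.level')
  },
@@ -234,6 +235,13 @@ const CONSTRAINTS_FIELDS = {
  }
 }
 
+const RATES_LIMIT = {
+ LOGIN: {
+ WINDOW_MS: 5 * 60 * 1000, // 5 minutes
+ MAX: 10 // 10 attempts
+ }
+}
+
 let VIDEO_VIEW_LIFETIME = 60000 * 60 // 1 hour
 const VIDEO_TRANSCODING_FPS = {
  MIN: 10,
@@ -468,6 +476,7 @@ export {
  USER_PASSWORD_RESET_LIFETIME,
  IMAGE_MIMETYPE_EXT,
  SCHEDULER_INTERVAL,
+ RATES_LIMIT,
  JOB_COMPLETED_LIFETIME,
  VIDEO_VIEW_LIFETIME
 }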
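Review bot: `RATES_LIMIT.LOGIN` does not say what the 10 attempts are counted per, and the code that consumes it is outside this view. If the limiter keys on client IP (likely, since `TRUST_PROXY` arrives in the same commit), guesses spread across many addresses against a single account are not bounded by it, so a per-account failure counter would be a useful complement. At minimum, document the key on the constant, e.g. `MAX: 10 // 10 attempts per client IP per window`, and consider reading both values from config so operators can tighten them without a code change.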
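--- a/server/initializers/installer.ts
+++ b/server/initializers/installer.ts
@@ -112,7 +112,7 @@ async function createOAuthAdminIfNotExist () {
  // Our password is weak so do not validate it
  validatePassword = false
  } else {
- password = passwordGenerator(8, true)
+ password = passwordGenerator(16, true)
  }
 
  const userData = {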
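Review bot: Doubling the length to 16 buys less than it appears if the second argument `true` keeps the generator in a "memorable" mode. The import is not visible in this hunk, but if `passwordGenerator` is the `password-generator` package, that flag produces pronounceable consonant/vowel strings with noticeably fewer bits per character than its default character class. An auto-generated admin credential has no need to be memorable, so `password = passwordGenerator(16, false)` would be the stronger choice, and it is worth confirming that the generator draws from a CSPRNG rather than `Math.random`. `createOAuthAdminIfNotExist` starts and ends outside the hunk.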