author | Chocobozzz <me@florianbigard.com> | 2018-03-29 10:58:24 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-03-29 11:03:30 +0200 |
commit | 490b595a01c5824ff63ffb87f0efdfca95f4bf3b (patch) | |
tree | 3ad716fbb97a8b4ee946ad907202b82934a33d7c /server/initializers | |
parent | 23f4c3d412974fa5fda52589d1192e098e260f1a (diff) | |
Prevent brute force login attack
Diffstat (limited to 'server/initializers')
-rw-r--r-- | server/initializers/checker.ts | 1 | ||||
-rw-r--r-- | server/initializers/constants.ts | 9 | ||||
-rw-r--r-- | server/initializers/installer.ts | 2 |
3 files changed, 11 insertions, 1 deletions
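--- a/server/initializers/checker.ts
+++ b/server/initializers/checker.ts
@@ -20,6 +20,7 @@ function checkConfig () {
 function checkMissedConfig () {
 const required = [ 'listen.port',
 'webserver.https', 'webserver.hostname', 'webserver.port',
+'trust_proxy',
 'database.hostname', 'database.port', 'database.suffix', 'database.username', 'database.password',
 'redis.hostname', 'redis.port', 'redis.auth',
 'smtp.hostname', 'smtp.port', 'smtp.username', 'smtp.password', 'smtp.tls', 'smtp.from_address',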
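Review bot: The new `'trust_proxy'` entry in `required` is checked for presence only, so an empty list or an over-broad range passes just as well as a correct one. The value presumably decides which upstream hosts may supply the client address that the login throttle counts against; the consuming code is not in this diffstat, so confirm. If so, a wrong value either makes the counted address client-controlled or folds every user behind the proxy into one bucket. I would add a comment above the entry, `// trust_proxy: hosts allowed to set the client IP; the login rate limit depends on it`, and consider validating in checkConfig that it is a non-empty array of addresses. checkMissedConfig continues past the end of this hunk.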
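--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -127,6 +127,7 @@ const CONFIG = {
 URL: '',
 HOST: ''
 },
+TRUST_PROXY: config.get<string[]>('trust_proxy'),
 LOG: {
 LEVEL: config.get<string>('log.level')
 },
@@ -234,6 +235,13 @@ const CONSTRAINTS_FIELDS = {
 }
 }
 
+const RATES_LIMIT = {
+LOGIN: {
+WINDOW_MS: 5 * 60 * 1000, // 5 minutes
+MAX: 10 // 10 attempts
+}
+}
+
 let VIDEO_VIEW_LIFETIME = 60000 * 60 // 1 hour
 const VIDEO_TRANSCODING_FPS = {
 MIN: 10,
@@ -468,6 +476,7 @@ export {
 USER_PASSWORD_RESET_LIFETIME,
 IMAGE_MIMETYPE_EXT,
 SCHEDULER_INTERVAL,
+RATES_LIMIT,
 JOB_COMPLETED_LIFETIME,
 VIDEO_VIEW_LIFETIME
 }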
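Review bot: `RATES_LIMIT.LOGIN` in the second hunk is hard-coded, so an operator cannot tighten or relax the login throttle without patching constants.ts, while `TRUST_PROXY` in the first hunk is read from configuration. The two comments restate the numbers but not what the counter is keyed on; the enforcing middleware is outside this diffstat, so record it here, e.g. `// Counted per client address as resolved through CONFIG.TRUST_PROXY`, if that is what it does. A per-address window does not bound guesses spread over many addresses against one account, which is worth noting beside `MAX` as a known gap. Note also that `config.get<string[]>('trust_proxy')` is a compile-time annotation only and does not check the shape of the configured value at runtime.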
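--- a/server/initializers/installer.ts
+++ b/server/initializers/installer.ts
@@ -112,7 +112,7 @@ async function createOAuthAdminIfNotExist () {
 // Our password is weak so do not validate it
 validatePassword = false
 } else {
-password = passwordGenerator(8, true)
+password = passwordGenerator(16, true)
 }
 
 const userData = {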
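Review bot: The length goes from 8 to 16 but the second argument stays `true`; if `passwordGenerator` is the password-generator package (its import is outside this hunk), that flag requests a memorable, pronounceable password, which carries less entropy per character than an unrestricted alphabet. For the admin account created at install time, `password = passwordGenerator(16, false)` would make fuller use of the added length, provided the generator draws from a cryptographic random source, which is worth confirming. The literal `16` would also read better as a named constant next to the other limits in constants.ts. createOAuthAdminIfNotExist starts before and continues after this hunk.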