Login Lockout (0.2)
- Login Lockout download link: http://plone.org/products/loginlockout/releases
- Homepage of Login Lockout: http://plone.org/products/loginlockout/
- Login Lockout repository: http://svn.plone.org/svn/collective/PASPlugins/LoginLockout
- Description source: http://pypi.python.org/pypi/Products.LoginLockout
This Pluggable Authentication Service (PAS) plugin will lock a login after a predetermined number of incorrect attempts. Once locked, the user will be shown a page that tells them to contact their administrator to unlock.
Requires:
- PluggableAuthService and its dependencies
- (optional) PlonePAS and its dependencies
Implementation
If the root anonymoususerfactory plugin is activated following an authentication plugin activation then this is an unsuccesful login attempt. If the password was different from the last unsuccessful attempt then we incriment a counter in data stored persistently in the root plugin.
If the instance plugin tries to authenticate a user that has been marked has having too many attempts then Unauthorised will be raised. This will activate the challenge plugin which will display a locked out message instead of another login form.
updateCredentials is called when the login was successful and in this case we reset the unsuccessful login count.