Bruteforce Mitigation
55
src/main.cpp
55
src/main.cpp
@ -338,6 +338,7 @@ int main(int argc, char *argv[]) {
|
||||
ID_DELETE_FREELANCER_RESET_KEY,
|
||||
ID_INSERT_FREELANCER_RESET_KEY
|
||||
});
|
||||
|
||||
pqxx::result checkFreelancerExists = Database::executePreparedStatement_SELECT_CHECK_EMAIL_EXISTS(databaseConnection, email);
|
||||
int checkFreelancerExistsExtracted = stoi(checkFreelancerExists.at(0).at(0).c_str());
|
||||
if (checkFreelancerExistsExtracted == 1) {
|
||||
@ -472,26 +473,38 @@ int main(int argc, char *argv[]) {
|
||||
ID_SELECT_CHECK_EMAIL_EXISTS,
|
||||
ID_SELECT_FREELANCER_SALT,
|
||||
ID_SELECT_CHECK_HASH_VALID,
|
||||
ID_UPDATE_LOGIN_VALIDATION_KEY
|
||||
ID_UPDATE_LOGIN_VALIDATION_KEY,
|
||||
ID_SELECT_CHECK_LOGIN_LOCK_OUT,
|
||||
ID_SELECT_GET_LOGIN_LOCK_OUT_MINUTES
|
||||
});
|
||||
pqxx::result checkFreelancerExists = Database::executePreparedStatement_SELECT_CHECK_EMAIL_EXISTS(databaseConnection, email);
|
||||
int checkFreelancerExistsExtracted = stoi(checkFreelancerExists.at(0).at(0).c_str());
|
||||
if (checkFreelancerExistsExtracted == 1) {
|
||||
pqxx::result freelancerSalt = Database::executePreparedStatement_SELECT_FREELANCER_SALT(databaseConnection, email);
|
||||
string salt = freelancerSalt.at(0).at(0).c_str();
|
||||
string hash = Utilities::hashPassword(salt, password);
|
||||
pqxx::result checkFreelancerHash = Database::executePreparedStatement_SELECT_CHECK_HASH_VALID(databaseConnection, email, hash);
|
||||
int checkFreelancerHashExtracted = stoi(checkFreelancerHash.at(0).at(0).c_str());
|
||||
if (checkFreelancerHashExtracted == 1) {
|
||||
//create secureCookie
|
||||
auto& cookieCtx = app.get_context<crow::CookieParser>(postRequest);
|
||||
std::string loginKeyValue = Utilities::generateRandomHashValueSHA512();
|
||||
Database::executePreparedStatement_UPDATE_LOGIN_VALIDATION_KEY(databaseConnection, loginKeyValue, email);
|
||||
std::string loginKeyCookieValue = Utilities::generateSecureCookieLoginKeyValue(loginKeyValue, stayLoggedIn);
|
||||
std::string freelancerEmailCookieValue = Utilities::generateSecureCookieFreelancerEmailValue(email, stayLoggedIn);
|
||||
cookieCtx.set_cookie("loginKey", loginKeyCookieValue);
|
||||
cookieCtx.set_cookie("freelancerEmail",freelancerEmailCookieValue);
|
||||
ctx[MUSTACHE_LOGIN_SUCCESS] = true;
|
||||
|
||||
pqxx::result checkloginLockedOut = Database::executePreparedStatement_SELECT_CHECK_LOGIN_LOCK_OUT(databaseConnection, email);
|
||||
string checkloginLockedOutExtracted = checkloginLockedOut.at(0).at(0).c_str();
|
||||
if (checkloginLockedOutExtracted != "true") {
|
||||
pqxx::result checkFreelancerExists = Database::executePreparedStatement_SELECT_CHECK_EMAIL_EXISTS(databaseConnection, email);
|
||||
int checkFreelancerExistsExtracted = stoi(checkFreelancerExists.at(0).at(0).c_str());
|
||||
if (checkFreelancerExistsExtracted == 1) {
|
||||
pqxx::result freelancerSalt = Database::executePreparedStatement_SELECT_FREELANCER_SALT(databaseConnection, email);
|
||||
string salt = freelancerSalt.at(0).at(0).c_str();
|
||||
string hash = Utilities::hashPassword(salt, password);
|
||||
pqxx::result checkFreelancerHash = Database::executePreparedStatement_SELECT_CHECK_HASH_VALID(databaseConnection, email, hash);
|
||||
int checkFreelancerHashExtracted = stoi(checkFreelancerHash.at(0).at(0).c_str());
|
||||
if (checkFreelancerHashExtracted == 1) {
|
||||
//create secureCookie
|
||||
auto& cookieCtx = app.get_context<crow::CookieParser>(postRequest);
|
||||
std::string loginKeyValue = Utilities::generateRandomHashValueSHA512();
|
||||
Database::executePreparedStatement_UPDATE_LOGIN_VALIDATION_KEY(databaseConnection, loginKeyValue, email);
|
||||
std::string loginKeyCookieValue = Utilities::generateSecureCookieLoginKeyValue(loginKeyValue, stayLoggedIn);
|
||||
std::string freelancerEmailCookieValue = Utilities::generateSecureCookieFreelancerEmailValue(email, stayLoggedIn);
|
||||
cookieCtx.set_cookie("loginKey", loginKeyCookieValue);
|
||||
cookieCtx.set_cookie("freelancerEmail",freelancerEmailCookieValue);
|
||||
ctx[MUSTACHE_LOGIN_SUCCESS] = true;
|
||||
}
|
||||
else {
|
||||
ctx[MUSTACHE_LOGIN_ERROR] = true;
|
||||
ctx[MUSTACHE_LOGIN_ERROR_LOGIN_DATA_INVALID] = true;
|
||||
Utilities::loginLockOutIncrement(configuration, databaseConnection, email);
|
||||
}
|
||||
}
|
||||
else {
|
||||
ctx[MUSTACHE_LOGIN_ERROR] = true;
|
||||
@ -499,8 +512,10 @@ int main(int argc, char *argv[]) {
|
||||
}
|
||||
}
|
||||
else {
|
||||
pqxx::result loginLockOutInMinutes = Database::executePreparedStatement_SELECT_GET_LOGIN_LOCK_OUT_MINUTES(databaseConnection, email);
|
||||
ctx[MUSTACHE_LOGIN_ERROR] = true;
|
||||
ctx[MUSTACHE_LOGIN_ERROR_LOGIN_DATA_INVALID] = true;
|
||||
ctx[MUSTACHE_LOGIN_ERROR_LOCKED_OUT] = true;
|
||||
ctx[MUSTACHE_LOGIN_ERROR_LOCKED_OUT_MINUTES] = loginLockOutInMinutes.at(0).at(0).c_str();
|
||||
}
|
||||
}
|
||||
else {
|
||||
|
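Review bot: The lockout gate at L119 compares the raw column text against "true", but libpqxx renders a PostgreSQL boolean column as "t"/"f", so unless SELECT_CHECK_LOGIN_LOCK_OUT returns a text literal 'true' the comparison is always unequal and the new lockout is never enforced; parsing the field instead, `if (!checkloginLockedOut.at(0).at(0).as<bool>()) {`, accepts either representation (and `.at(0)` will throw if that query yields no row for an unknown email, so the query's shape is worth confirming). Because loginLockOutIncrement is only reached for an existing email (the else at L188 sits inside the exists check) and the locked-out template flag at L224 is therefore only ever set for real accounts, the lockout response doubles as an account-enumeration oracle and lets anyone lock a known user out by submitting wrong passwords, so consider counting failures per source address as well and returning the same generic error for locked accounts. Nothing in the success path (L146–L173) resets the failure counter; if loginLockOutIncrement's count is not cleared elsewhere, a correct login after a few mistakes still leaves the user one failure away from a lockout — worth confirming. The enclosing route handler starts and ends outside the hunks.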