Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add blocked state #4204

Closed
wants to merge 35 commits into from
Closed

Add blocked state #4204

wants to merge 35 commits into from

Conversation

walmadhagi
Copy link

Related issue(s)

Checklist

  • I have read the contributing guidelines.
  • I have referenced an issue containing the design document if my change
    introduces a new feature.
  • I am following the
    contributing code guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security vulnerability, I
    confirm that I got the approval (please contact
    [email protected]) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further Comments

malosayli and others added 30 commits October 15, 2024 21:22
@malosayli
feat: Implement recovery code via SMS
5ce4cab 
This commit introduces the following changes:
- Add SMS template for recovery code
- Update config to support SMS recovery
- Extend identity schema for recovery settings
- Modify recovery strategy to handle SMS code delivery
- Update gitignore to exclude new development files

These changes enable users to receive recovery codes via SMS,
enhancing the account recovery options and improving user experience.
@aalkhodiry
Merge pull request #1 from nayla-finance/inv-recovery
b7cb59d 
feat: Implement recovery code via SMS
@malosayli
feat: Implement login attempt tracking and account deactivation
fe4788e 
This change introduces a new feature to track failed login attempts and
deactivate accounts after a configured number of failures within a specified
time window. The main components of this change include:

1. New database table for storing login attempts (currently only failed attempts)
2. Updated password login strategy to record failed attempts
3. Logic to deactivate accounts when max attempts are exceeded
4. Configuration options for max attempts and time window
5. New error messages for account deactivation due to failed attempts

This enhancement improves security by preventing brute-force attacks and
adds a layer of protection for user accounts.
@aalkhodiry
Merge pull request #2 from nayla-finance/add-login-attempts
58accf0 
feat: Implement login attempt tracking and account deactivation
@malosayli
chore: update schema versions
394987c
@aalkhodiry
Merge pull request #3 from nayla-finance/add-login-attempts
fdf0fd1 
chore: update schema versions
@aalkhodiry
ci: update CI workflow and reorganize GitHub Actions
957a70f 
- Add new master.yaml workflow for CI/CD pipeline
- Build and push Docker images for x86 and arm64 architectures
- Utilize GitHub Container Registry (ghcr.io)
- Move existing workflows to .github/workflows/old/ directory
- Streamline CI process for master branch and tag releases
@aalkhodiry
update
08f30d9
@aalkhodiry
removed master push build
ccacee5
@malosayli
feat: reactivate inactive account on recovery
fa0392f
@aalkhodiry
Merge pull request #4 from nayla-finance/reactivate-on-password-reset
0b0af0d 
feat: reactivate inactive account on recovery
@aalkhodiry
dev and release
51912d7
@malosayli
feat: add inactive identity deactivation
82c76e5 
Adds functionality to automatically deactivate identities that have been inactive
for a configurable period.

Key changes:
- Add config option for inactivity threshold period
- Add API endpoint to list and deactivate inactive identities
- Add SQL queries to find and update inactive identities
- Add manager and persister methods to handle deactivation
@malosayli
refactor: only run deactivation if there are any inactive identities
babaf58
@malosayli
chore: add identity inactivity threshold config key
0b6906c
@malosayli
chore: new config to schema json file
2c790a0
@aalkhodiry
Merge pull request #5 from nayla-finance/inactive-account
98410f6 
Add Inactive account endpoint
@aalkhodiry
updated the link of the schema
4ff5efb
@malosayli
feat: Implement recovery code via SMS
ceca748 
This commit introduces the following changes:
- Add SMS template for recovery code
- Update config to support SMS recovery
- Extend identity schema for recovery settings
- Modify recovery strategy to handle SMS code delivery
- Update gitignore to exclude new development files

These changes enable users to receive recovery codes via SMS,
enhancing the account recovery options and improving user experience.
@malosayli
feat: Implement login attempt tracking and account deactivation
bea573c 
This change introduces a new feature to track failed login attempts and
deactivate accounts after a configured number of failures within a specified
time window. The main components of this change include:

1. New database table for storing login attempts (currently only failed attempts)
2. Updated password login strategy to record failed attempts
3. Logic to deactivate accounts when max attempts are exceeded
4. Configuration options for max attempts and time window
5. New error messages for account deactivation due to failed attempts

This enhancement improves security by preventing brute-force attacks and
adds a layer of protection for user accounts.
@malosayli
chore: update schema versions
e24518d
@aalkhodiry @malosayli
ci: update CI workflow and reorganize GitHub Actions
dac4e8d 
- Add new master.yaml workflow for CI/CD pipeline
- Build and push Docker images for x86 and arm64 architectures
- Utilize GitHub Container Registry (ghcr.io)
- Move existing workflows to .github/workflows/old/ directory
- Streamline CI process for master branch and tag releases
@aalkhodiry @malosayli
update
8e7e276
@aalkhodiry @malosayli
removed master push build
2ae7c3a
@malosayli
feat: reactivate inactive account on recovery
9718aa7
@aalkhodiry @malosayli
dev and release
8d68ffd
@malosayli
feat: add inactive identity deactivation
8ca175f 
Adds functionality to automatically deactivate identities that have been inactive
for a configurable period.

Key changes:
- Add config option for inactivity threshold period
- Add API endpoint to list and deactivate inactive identities
- Add SQL queries to find and update inactive identities
- Add manager and persister methods to handle deactivation
@malosayli
refactor: only run deactivation if there are any inactive identities
d323c06
@malosayli
chore: add identity inactivity threshold config key
5a1e370
@malosayli
chore: new config to schema json file
2742cf9
@CLAassistant
Copy link

CLAassistant commented Nov 12, 2024
edited
Loading

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
0 out of 3 committers have signed the CLA.

❌ wasim almadhagi
❌ aalkhodiry
❌ malosayli

wasim almadhagi seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@walmadhagi walmadhagi closed this Nov 12, 2024
@aalkhodiry aalkhodiry deleted the add-blocked-state branch November 12, 2024 18:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aeneasr aeneasr Awaiting requested review from aeneasr aeneasr is a code owner

@zepatrik zepatrik Awaiting requested review from zepatrik zepatrik is a code owner

@hperl hperl Awaiting requested review from hperl hperl is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@walmadhagi @CLAassistant @malosayli @aalkhodiry