[Captcha] Implement failed logins ceiling (#1870)

* [Hacker1] Failed Login Attempts Captcha * [Captcha] Implement failed logins ceiling * Formatting * Updated approach after implementation talks with Kyle * Updated email templates // Updated calling arch for failed attempts * Formatting * Updated 2fa email links * Renamed baserequest methods to better match their actions * EF migrations/scripts * Updated with requested changes * Defaults for MaxiumumFailedLoginAttempts
2026-01-10 12:33:49 +00:00 · 2022-03-02 15:45:00 -06:00
parent 7bdb07da93
commit 19d5817f8f
30 changed files with 3669 additions and 19 deletions
--- a/src/Core/Services/ICaptchaValidationService.cs
+++ b/src/Core/Services/ICaptchaValidationService.cs
@@ -8,9 +8,10 @@ namespace Bit.Core.Services
    {
        string SiteKey { get; }
        string SiteKeyResponseKeyName { get; }
-        bool RequireCaptchaValidation(ICurrentContext currentContext);
+        bool RequireCaptchaValidation(ICurrentContext currentContext, int? failedLoginCount = null);
        Task<bool> ValidateCaptchaResponseAsync(string captchResponse, string clientIpAddress);
        string GenerateCaptchaBypassToken(User user);
        bool ValidateCaptchaBypassToken(string encryptedToken, User user);
+        bool ValidateFailedAuthEmailConditions(bool unknownDevice, int failedLoginCount);
    }
 }