[Checkins] SVN: z3c.password/branches/adamg-options/src/z3c/password/principal. lockOutPeriod did not work as expected
Adam Groszer
agroszer at gmail.com
Sun Jun 14 10:43:36 EDT 2009
Log message for revision 100950:
lockOutPeriod did not work as expected
Changed:
U z3c.password/branches/adamg-options/src/z3c/password/principal.py
U z3c.password/branches/adamg-options/src/z3c/password/principal.txt
-=-
Modified: z3c.password/branches/adamg-options/src/z3c/password/principal.py
===================================================================
--- z3c.password/branches/adamg-options/src/z3c/password/principal.py 2009-06-14 14:15:47 UTC (rev 100949)
+++ z3c.password/branches/adamg-options/src/z3c/password/principal.py 2009-06-14 14:43:36 UTC (rev 100950)
@@ -58,7 +58,9 @@
if not ignoreFailures and self.lastFailedAttempt is not None:
attempts = self._maxFailedAttempts()
- if attempts is not None and self.failedAttempts > attempts:
+ #this one needs to be >=, because... data just does not
+ #get saved on an exception when running under of a full Zope env.
+ if attempts is not None and self.failedAttempts >= attempts:
lockPeriod = self._lockOutPeriod()
if lockPeriod is not None:
#check if the user locked himself
Modified: z3c.password/branches/adamg-options/src/z3c/password/principal.txt
===================================================================
--- z3c.password/branches/adamg-options/src/z3c/password/principal.txt 2009-06-14 14:15:47 UTC (rev 100949)
+++ z3c.password/branches/adamg-options/src/z3c/password/principal.txt 2009-06-14 14:43:36 UTC (rev 100950)
@@ -409,16 +409,10 @@
>>> user.checkPassword('456456')
False
- >>> NOW = datetime.datetime(2009, 6, 14, 13, 0)+datetime.timedelta(minutes=4)
- >>> user.checkPassword('456456')
- Traceback (most recent call last):
- ...
- TooManyLoginFailures: The password was entered incorrectly too often.
-
The timestamp of the last bad try is recorded:
>>> user.lastFailedAttempt
- datetime.datetime(2009, 6, 14, 13, 4)
+ datetime.datetime(2009, 6, 14, 13, 3)
The user cannot login within the next 60 minutes.
@@ -493,16 +487,10 @@
>>> user.checkPassword('456456')
False
- >>> NOW = datetime.datetime(2009, 6, 14, 13, 0)+datetime.timedelta(minutes=4)
- >>> user.checkPassword('456456')
- Traceback (most recent call last):
- ...
- TooManyLoginFailures: The password was entered incorrectly too often.
-
The timestamp of the last bad try is recorded:
>>> user.lastFailedAttempt
- datetime.datetime(2009, 6, 14, 13, 4)
+ datetime.datetime(2009, 6, 14, 13, 3)
The user cannot login within the next 60 minutes.
More information about the Checkins
mailing list