SECURITY UPDATE

* Handle failed login attempts via Telnet * New lockout features for >= N failed attempts * New auto-unlock over email feature * New auto-unlock after N minutes feature * Code cleanup in users * Add user_property.js - start using consts for user properties. Clean up over time. * Update email docs
2025-06-06 12:47:13 +02:00 · 2018-11-22 23:07:37 -07:00 · 2018-11-22 23:07:37 -07:00 · df2bf4477e
commit df2bf4477e
parent f18b023652
18 changed files with 401 additions and 100 deletions
--- a/core/system_menu_method.js
+++ b/core/system_menu_method.js
@ -26,13 +26,21 @@ function login(callingMenu, formData, extraArgs, cb) {

    userLogin(callingMenu.client, formData.value.username, formData.value.password, err => {
        if(err) {
-            //  login failure
+            //  already logged in with this user?
            if(ErrorReasons.AlreadyLoggedIn === err.reasonCode &&
                _.has(callingMenu, 'menuConfig.config.tooNodeMenu'))
            {
                return callingMenu.gotoMenu(callingMenu.menuConfig.config.tooNodeMenu, cb);
            }

+            const ReasonsMenus = [
+                ErrorReasons.TooMany, ErrorReasons.Disabled, ErrorReasons.Inactive, ErrorReasons.Locked
+            ];
+            if(ReasonsMenus.includes(err.reasonCode)) {
+                const menu = _.get(callingMenu, [ 'menuConfig', 'config', err.reasonCode.toLowerCase() ]);
+                return menu ? callingMenu.gotoMenu(menu, cb) : logoff(callingMenu, {}, {}, cb);
+            }
+
            //  Other error
            return callingMenu.prevMenu(cb);
        }