Differential D8911

Rate limit multi-factor actions
ClosedPublic
Actions

Authored by epriestley on Apr 30 2014, 4:21 PM.

Tags

None

Referenced Files

	F19076591: D8911.diff
	Mon, Dec 1, 12:27 PM

	F18870402: D8911.id.diff
	Nov 4 2025, 5:14 PM

	F18849203: D8911.id21146.diff
	Oct 30 2025, 8:23 AM

	F18846680: D8911.diff
	Oct 29 2025, 8:34 PM

	F18843778: D8911.diff
	Oct 29 2025, 12:45 AM

	F18841430: D8911.id21146.diff
	Oct 28 2025, 9:01 AM

	F18841428: D8911.id21167.diff
	Oct 28 2025, 9:01 AM

	F18826522: D8911.id21167.diff
	Oct 24 2025, 4:23 AM

Subscribers

Details

Reviewers

Maniphest Tasks

T4398: Implement two-factor authentication

Commits

Restricted Diffusion Commit
rP23e654ec2bc8: Rate limit multi-factor actions

Summary

Ref T4398. Prevent users from brute forcing multi-factor auth by rate limiting attempts. This slightly refines the rate limiting to allow callers to check for a rate limit without adding points, and gives users credit for successfully completing an auth workflow.

Test Plan

Tried to enter hisec with bad credentials 11 times in a row, got rate limited.

Diff Detail

Repository

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

epriestley updated this revision to Diff 21146.Apr 30 2014, 4:21 PM

epriestley retitled this revision from to Rate limit multi-factor actions.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: btrahan.

epriestley added a task: T4398: Implement two-factor authentication.

Herald added a subscriber: epriestley. · View Herald TranscriptApr 30 2014, 4:21 PM

Harbormaster completed remote builds in B143: Diff 21146.Apr 30 2014, 4:22 PM

btrahan accepted this revision.Apr 30 2014, 6:32 PM

btrahan edited edge metadata.

This revision is now accepted and ready to land.Apr 30 2014, 6:32 PM

Closed by commit rP23e654ec2bc8 (authored by @epriestley).

Revision Contents
Changeset List

Path

Size

resources/

celerity/

8 lines

src/

__phutil_library_map__.php

2 lines

applications/

auth/

action/

PhabricatorAuthTryFactorAction.php

21 lines

engine/

PhabricatorAuthSessionEngine.php

22 lines

system/

engine/

PhabricatorSystemActionEngine.php

56 lines

Diff 21167

resources/celerity/map.php

Loading...

src/__phutil_library_map__.php

Loading...

src/applications/auth/action/PhabricatorAuthTryFactorAction.php

Loading...

src/applications/auth/engine/PhabricatorAuthSessionEngine.php

Loading...

src/applications/system/engine/PhabricatorSystemActionEngine.php

Loading...