3 ani în urmă · ce70ee00d6
--- a/mod/auth/auth.go
+++ b/mod/auth/auth.go
@@ -1,22 +1,22 @@
 
				 package auth
			
 
				 
			
 
				 /*
			
 
				-ArOZ Online Authentication Module
			
 
				-author: tobychui
			
 
				+	ArOZ Online Authentication Module
			
 
				+	author: tobychui
			
 
				 
			
 
				-This system make use of sessions (similar to PHP SESSION) to remember the user login.
			
 
				-See https://gowebexamples.com/sessions/ for detail.
			
 
				+	This system make use of sessions (similar to PHP SESSION) to remember the user login.
			
 
				+	See https://gowebexamples.com/sessions/ for detail.
			
 
				 
			
 
				-Auth database are stored as the following key
			
 
				+	Auth database are stored as the following key
			
 
				 
			
 
				-auth/login/{username}/passhash => hashed password
			
 
				-auth/login/{username}/permission => permission level
			
 
				+	auth/login/{username}/passhash => hashed password
			
 
				+	auth/login/{username}/permission => permission level
			
 
				 
			
 
				-Other system variables related to auth
			
 
				+	Other system variables related to auth
			
 
				 
			
 
				-auth/users/usercount => Number of users in the system
			
 
				+	auth/users/usercount => Number of users in the system
			
 
				 
			
 
				-Pre-requirement: imuslab.com/arozos/mod/database
			
 
				+	Pre-requirement: imuslab.com/arozos/mod/database
			
 
				 */
			
 
				 
			
 
				 import (
			
--- a/mod/auth/explogin/explogin.go
+++ b/mod/auth/explogin/explogin.go
@@ -0,0 +1,51 @@
 
				+package explogin
			
 
				+
			
 
				+import (
			
 
				+	"math"
			
 
				+	"sync"
			
 
				+)
			
 
				+
			
 
				+/*
			
 
				+	Explogin.go
			
 
				+	Package to handle expotential login time
			
 
				+	so as to prevent someone from brute forcing your password
			
 
				+
			
 
				+	Author: tobychui
			
 
				+*/
			
 
				+
			
 
				+type UserLoginEntry struct {
			
 
				+	Username   string
			
 
				+	TargetIP   string
			
 
				+	Timestamp  int64
			
 
				+	RetryCount int64
			
 
				+}
			
 
				+
			
 
				+type ExpLoginHandler struct {
			
 
				+	LoginRecord  *sync.Map //Sync map to store UserLoginEntry, username+ip as key
			
 
				+	BaseDelay    int       //Base delay exponent
			
 
				+	DelayCeiling int       //Max delay time
			
 
				+}
			
 
				+
			
 
				+//Create a new exponential login handler object
			
 
				+func NewExponentialLoginHandler(baseDelay int) *ExpLoginHandler {
			
 
				+	recordMap := sync.Map{}
			
 
				+
			
 
				+	return &ExpLoginHandler{
			
 
				+		LoginRecord: &recordMap,
			
 
				+		BaseDelay:   baseDelay,
			
 
				+	}
			
 
				+}
			
 
				+
			
 
				+//Check allow access now, if false return how many seconds till next retry
			
 
				+func (e *ExpLoginHandler) AllowImmediateAccess(username string, ip string) (bool, int64) {
			
 
				+
			
 
				+}
			
 
				+
			
 
				+func (e *ExpLoginHandler) getDelayTimeFromRetryCount(retryCount int) int64 {
			
 
				+	delaySecs := int64(math.Floor((math.Pow(2, float64(retryCount)) - 1) * 0.5))
			
 
				+	if delaySecs > int64(e.DelayCeiling) {
			
 
				+		delaySecs = int64(e.DelayCeiling)
			
 
				+	}
			
 
				+
			
 
				+	return delaySecs
			
 
				+}