[SR-Users] Login Attempts
Ahmed Marsou
amarsou1988 at gmail.com
Tue May 26 22:12:37 CEST 2020
Sorry, what I want is to block a user after 'n' incorrect login attempts
and leave it blocked until a user unblocks them from the website. I try
something with the htable module but I don't know if I can save the value
in the database. Is going to check if the number of login attempts is >
'n', and if is > 'n', I gonna leave it blocked and send a MESSAGE to an app.
I starting with something like this:
modparam("htable", "htable", "a=>size=8;autoexpire=920;") . . .
if(is_present_hf("Authorization")){ reg_fetch_contacts("location", "$fu",
"existingContact"); if($sht(a=>$au::auth_count)==3){ xlog("Other attempts
auth failed more than 3 times - src ip: $si\n"); $var(address) = $si;
$var(ruri) = "[" + $var(address)+ "]" + ":" + $sp + ";" + "transport" + "="
+ $proto; #Send a SIP Request signalling the problem and its reason on the
body $uac_req(method)="MESSAGE"; $uac_req(ruri) = "sip:"+ $au + "@" +
$var(ruri); $uac_req(furi) = "sip:kamailio at ericsson.net"; $uac_req(turi) =
$fu; $uac_req(hdrs)="Max-Forwards: 70\r\nEvent: reg\r\nContent-Type:
text/plain\r\nAccept-Contact:*;+g.ext.app.registration\r\n";
$uac_req(body)="Accout Blocked. Plese contact with your adminstrator";
uac_req_send(); exit; }else{ $sht(a=>$au::auth_count) = 0; }
if(!www_authenticate("ericsson.net", "subscriber")){ switch ($retcode) {
case -1: sl_send_reply("403", "Forbidden"); exit; case -2:
if($sht(a=>$au::auth_count) == $null) $sht(a=>$au::auth_count) = 0;
$sht(a=>$au::auth_count) = $sht(a=>$au::auth_count) + 1; break; }
www_challenge("$td"/*realm*/,"0"/*qop*/); exit; } $sht(a=>$au::auth_count)
= 0; } else { www_challenge("$td","0"); exit; } }
But first problem:
Is not counting. I dont know if I have to configure any param more to start
counting attempts?
Second problem:
I dont know the best option to save the login attempts on databes. Theres
is any module that can help?
Thank you so much.
El mar., 26 may. 2020 a las 21:56, Daniel-Constantin Mierla (<
miconda at gmail.com>) escribió:
> Hello,
>
> if you look for inserting into/querying from a database table from config
> script, look at sqlops module.
>
> If you need something else, provide more details about what you want to
> achieve.
>
> Cheers,
> Daniel
> On 26.05.20 20:38, Ahmed Marsou wrote:
>
> Hi;
> I have to control the login attempts, but blocking the user until I unlock
> him from web site. To do that I have to save the paramter on database.
> There is any table and column where I can save that parameter?
> I'm using the htable module to count the Authentification attempts.
> There's is any module that do that easily?
> Thank you.
>
>
> _______________________________________________
> Kamailio (SER) - Users Mailing Listsr-users at lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> --
> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
> Funding: https://www.paypal.me/dcmierla
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200526/eb5d8aca/attachment.html>
More information about the sr-users
mailing list