barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-03-26 00:17:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: review comments

Browse Source
This commit is contained in:
Stavros
2026-03-22 23:06:23 +02:00
parent f9b1aeb23e
commit 6b0d804ba3
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
internal/service/auth_service.go
View File

@@ -25,7 +25,7 @@ import (
// but for now these are just safety limits to prevent unbounded memory usage // but for now these are just safety limits to prevent unbounded memory usage
const MaxOAuthPendingSessions = 256 const MaxOAuthPendingSessions = 256
const OAuthCleanupCount = 16 const OAuthCleanupCount = 16
const MaxLoginAttemptRecords = 5 const MaxLoginAttemptRecords = 256
type OAuthPendingSession struct { type OAuthPendingSession struct {
State string State string
@@ -242,6 +242,9 @@ func (auth *AuthService) RecordLoginAttempt(identifier string, success bool) {
defer auth.loginMutex.Unlock() defer auth.loginMutex.Unlock()
if len(auth.loginAttempts) >= MaxLoginAttemptRecords { if len(auth.loginAttempts) >= MaxLoginAttemptRecords {
if auth.lockdown != nil || !auth.lockdown.Active {
return
}
go auth.lockdownMode() go auth.lockdownMode()
return return
} }
@@ -780,11 +783,11 @@ func (auth *AuthService) lockdownMode() {
// we might as well clear them to free up memory // we might as well clear them to free up memory
auth.loginAttempts = make(map[string]*LoginAttempt) auth.loginAttempts = make(map[string]*LoginAttempt)
auth.loginMutex.Unlock()
timer := time.NewTimer(time.Until(auth.lockdown.ActiveUntil)) timer := time.NewTimer(time.Until(auth.lockdown.ActiveUntil))
defer timer.Stop() defer timer.Stop()
auth.loginMutex.Unlock()
<-timer.C <-timer.C
auth.loginMutex.Lock() auth.loginMutex.Lock()