Stirling-PDF/src/main/java/stirling/software/SPDF/config/security/LoginAttemptService.java

package stirling.software.SPDF.config.security;

import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import jakarta.annotation.PostConstruct;
import stirling.software.SPDF.model.ApplicationProperties;
import stirling.software.SPDF.model.AttemptCounter;

@Service
public class LoginAttemptService {

    @Autowired ApplicationProperties applicationProperties;

    private int MAX_ATTEMPTS;
    private long ATTEMPT_INCREMENT_TIME;

    @PostConstruct
    public void init() {
        MAX_ATTEMPTS = applicationProperties.getSecurity().getLoginAttemptCount();
        ATTEMPT_INCREMENT_TIME =
                TimeUnit.MINUTES.toMillis(
                        applicationProperties.getSecurity().getLoginResetTimeMinutes());
    }

    private final ConcurrentHashMap<String, AttemptCounter> attemptsCache =
            new ConcurrentHashMap<>();

    public void loginSucceeded(String key) {
        attemptsCache.remove(key.toLowerCase());
    }

    public boolean loginAttemptCheck(String key) {
        return attemptsCache
                        .compute(
                                key.toLowerCase(),
                                (k, attemptCounter) -> {
                                    if (attemptCounter == null
                                            || attemptCounter.shouldReset(ATTEMPT_INCREMENT_TIME)) {
                                        return new AttemptCounter();
                                    } else {
                                        attemptCounter.increment();
                                        return attemptCounter;
                                    }
                                })
                        .getAttemptCount()
                >= MAX_ATTEMPTS;
    }

    public boolean isBlocked(String key) {
        AttemptCounter attemptCounter = attemptsCache.get(key.toLowerCase());
        if (attemptCounter != null) {
            return attemptCounter.getAttemptCount() >= MAX_ATTEMPTS
                    && !attemptCounter.shouldReset(ATTEMPT_INCREMENT_TIME);
        }
        return false;
    }
}
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`package stirling.software.SPDF.config.security;`
formatting 2023-12-30 19:11:27 +00:00
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`import java.util.concurrent.ConcurrentHashMap;`
			`import java.util.concurrent.TimeUnit;`
import clean 2023-12-24 17:56:31 +00:00
reviews 2023-12-29 20:48:21 +00:00			`import org.springframework.beans.factory.annotation.Autowired;`
import clean 2023-12-24 17:56:31 +00:00			`import org.springframework.stereotype.Service;`

reviews 2023-12-29 20:48:21 +00:00			`import jakarta.annotation.PostConstruct;`
			`import stirling.software.SPDF.model.ApplicationProperties;`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`import stirling.software.SPDF.model.AttemptCounter;`

			`@Service`
			`public class LoginAttemptService {`

reviews 2023-12-29 20:48:21 +00:00			`@Autowired ApplicationProperties applicationProperties;`
formatting 2023-12-30 19:11:27 +00:00
reviews 2023-12-29 20:48:21 +00:00			`private int MAX_ATTEMPTS;`
			`private long ATTEMPT_INCREMENT_TIME;`
formatting 2023-12-30 19:11:27 +00:00
reviews 2023-12-29 20:48:21 +00:00			`@PostConstruct`
			`public void init() {`
			`MAX_ATTEMPTS = applicationProperties.getSecurity().getLoginAttemptCount();`
			`ATTEMPT_INCREMENT_TIME =`
			`TimeUnit.MINUTES.toMillis(`
			`applicationProperties.getSecurity().getLoginResetTimeMinutes());`
			`}`
formatting 2023-12-30 19:11:27 +00:00
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`private final ConcurrentHashMap<String, AttemptCounter> attemptsCache =`
			`new ConcurrentHashMap<>();`

			`public void loginSucceeded(String key) {`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`attemptsCache.remove(key.toLowerCase());`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`}`

			`public boolean loginAttemptCheck(String key) {`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`return attemptsCache`
			`.compute(`
			`key.toLowerCase(),`
			`(k, attemptCounter) -> {`
			`if (attemptCounter == null`
			`\|\| attemptCounter.shouldReset(ATTEMPT_INCREMENT_TIME)) {`
			`return new AttemptCounter();`
			`} else {`
			`attemptCounter.increment();`
			`return attemptCounter;`
			`}`
			`})`
			`.getAttemptCount()`
			`>= MAX_ATTEMPTS;`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`}`

			`public boolean isBlocked(String key) {`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`AttemptCounter attemptCounter = attemptsCache.get(key.toLowerCase());`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`if (attemptCounter != null) {`
extends the functionality of oauth in Stirling PDF 2024-05-12 19:58:34 +02:00			`return attemptCounter.getAttemptCount() >= MAX_ATTEMPTS`
			`&& !attemptCounter.shouldReset(ATTEMPT_INCREMENT_TIME);`
internal API plus brute force security 2023-12-24 17:12:32 +00:00			`}`
			`return false;`
			`}`
			`}`