linagora/openpaas-esn

There is no way to unlock an account when max logins reached

alexcustos opened this issue · 11 comments

The current behavior is an issue because anyone could lock their own or another user's account, by accident or on purpose, and there is no way to unlock it. There is also no way to disable this feature. The administration panel doesn't accept zero, and the source code suggests using the default value (5 attempts) instead of zero.

Frankly, I don't think it's OpenPaaS's job. There is a good tool, fail2ban, that can sort out such issues way more efficiently.

Hello @alexcustos
Yes, OpenPaaS does not support unlocking an account when max logins is reached. And the ability to disable this feature is helpful to admins.
Thank you for your feedback. We do not plan to implement it now but will consider it.

This is such a huge problem... does anyone have a mongo command to do this at the very least?

Hello,
Currently, you can configure the number of login attempts, which allows users to try to log in many times. The default is 5 times.
To configure that, you must log in as a platform admin -> go to the Administration page -> Platform mode -> Login part

Then the blocked users can log in again.

I installed this 2 weeks ago and I don't have that option. But I'll check out a newer version.


You are logged in as a domain admin, not a platform admin. To become a platform admin, check this doc at the platformadmin part.

Also, I got this if it's helpful (use at your own risk)

$ mongo mongodb://localhost:27017/esn

> use esn
> db.users.updateOne({"firstname":"XXXX"}, {$set:{"login":{"failures":[]}}})
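A more conservative form of the reset above, as an added example that is not part of the original comment or OpenPaaS code: it refuses to act unless the `firstname` filter matches exactly one user, and uses dot notation so only `login.failures` is cleared instead of the whole `login` subdocument being replaced. The function name `resetLoginFailures` is hypothetical; the field names `firstname` and `login.failures` are taken from the command above.

```javascript
// Added example, not OpenPaaS code. `users` is a mongo shell collection
// (e.g. db.users) or any object exposing find(filter).toArray() and
// updateOne(filter, update). Only the field names `firstname` and
// `login.failures` come from the thread; the rest is assumed.
function resetLoginFailures(users, firstname) {
  const matches = users.find({ firstname: firstname }).toArray();

  // firstname is not unique: updateOne() would silently modify whichever
  // document it finds first, so stop unless exactly one user matches.
  if (matches.length !== 1) {
    return {
      ok: false,
      reason: matches.length === 0 ? 'no-match' : 'ambiguous',
      candidates: matches.map(function (u) { return u._id; })
    };
  }

  const user = matches[0];
  const before = ((user.login || {}).failures || []).length;

  // Target the document by _id, and use dot notation so that any other
  // fields stored under `login` are left untouched.
  const res = users.updateOne(
    { _id: user._id },
    { $set: { 'login.failures': [] } }
  );

  return {
    ok: res.matchedCount === 1,
    userId: user._id,
    clearedFailures: before // number of recorded failures that were removed
  };
}

// Usage inside the mongo shell, after `use esn`:
//   resetLoginFailures(db.users, "XXXX")
```

Check the returned `candidates` list when the result is `ambiguous`, then narrow the filter before retrying.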

You are logged in as a domain admin, not a platform admin. To become a platform admin, check this doc at the platformadmin part.

I ran this and I still only see these options

[root@ricardosaracino openpaas]# node ./bin/cli domain create --email admin@example.org --password XXXX
Connected to MongoDB at mongodb://localhost:27017/esn
[INFO] POPULATE admin
(node:62649) DeprecationWarning: Mongoose: mpromise (mongoose's default promise library) is deprecated, plug in your own promise library instead: http://mongoosejs.com/docs/promises.html
[INFO] POPULATE domain
[INFO] POPULATE Domain configuration and technical user
Creating technical user { name: 'Sabre Dav',
  description: 'Allows to authenticate on Sabre DAV',
  type: 'dav',
  domain: 5d28804d11a1def4b96d8bb9,
  data: { principal: 'principals/technicalUser' },
  _id: 5d28804d11a1def4b96d8bba,
  schemaVersion: 1 }
Creating feature flipping for inbox module { domain_id: 5d28804d11a1def4b96d8bb9,
  _id: 5d28804d11a1def4b96d8bbb,
  modules:
   [ { name: 'linagora.esn.unifiedinbox', configurations: [Array] } ] }
Disconnecting from MongoDB
[CLI] INFO Created new domain

The correct command:

$ node ./bin/cli platformadmin init --email admin@open-paas.org

$ node ./bin/cli platformadmin init --email admin@example.org --force
Connected to MongoDB at mongodb://localhost:27017/esn
(node:91245) DeprecationWarning: Mongoose: mpromise (mongoose's default promise library) is deprecated, plug in your own promise library instead: http://mongoosejs.com/docs/promises.html
Disconnecting from MongoDB
[CLI] INFO Created platformadmin

I still don't see the login option

$ opctl --version
1.2.2


Also tried this

$ opctl platformadmin set --username admin@example.org --password admin --email admin@example.org
[CLI] ERROR Error: Bad HTTP response status code 401
    at Request.request [as _callback] (/usr/share/openpaas/bin/commons/httpClient.js:17:30)
    at Request.self.callback (/usr/share/openpaas/node_modules/request/request.js:185:22)
    at emitTwo (events.js:126:13)
    at Request.emit (events.js:214:7)
    at Request.<anonymous> (/usr/share/openpaas/node_modules/request/request.js:1157:10)
    at emitOne (events.js:116:13)
    at Request.emit (events.js:211:7)
    at IncomingMessage.<anonymous> (/usr/share/openpaas/node_modules/request/request.js:1079:12)
    at Object.onceWrapper (events.js:313:30)
    at emitNone (events.js:111:20)
    at IncomingMessage.emit (events.js:208:7)
    at endReadableNT (_stream_readable.js:1064:12)
    at _combinedTickCallback (internal/process/next_tick.js:139:11)
    at process._tickCallback (internal/process/next_tick.js:181:9)

Well, I feel pretty dumb... I needed to switch it 🤦‍♂️

Thanks for all the help @tuanlc
