senke/veza - Talas Project: Beyond coding. We Forge.

senke/veza

Fork 0

Commit graph

Author	SHA1	Message	Date
senke	32d89d80eb	incus deployement fully implemented, Makefile updated and make fmt ran	2026-01-13 19:47:57 +01:00
senke	af1e57b418	[BE-SEC-007] security: Implement account lockout after failed login attempts - Created AccountLockoutService to track failed login attempts - Accounts are locked after 5 failed attempts within 15 minutes - Lockout duration: 30 minutes (auto-unlock) - Service uses Redis for persistence (fail-open if Redis unavailable) - Integrated into AuthService Login method: * Check account lockout status before login * Record failed attempts (even for non-existent users to prevent enumeration) * Reset failed attempts counter on successful login * Auto-unlock expired accounts - Added SetAccountLockoutService method to AuthService - Service initialized in router when Redis is available Phase: PHASE-4 Priority: P1 Progress: 9/267 (3.4%)	2025-12-24 12:10:41 +01:00

Author

SHA1

Message

Date

senke

32d89d80eb

incus deployement fully implemented, Makefile updated and make fmt ran

2026-01-13 19:47:57 +01:00

senke

af1e57b418

[BE-SEC-007] security: Implement account lockout after failed login attempts

- Created AccountLockoutService to track failed login attempts
- Accounts are locked after 5 failed attempts within 15 minutes
- Lockout duration: 30 minutes (auto-unlock)
- Service uses Redis for persistence (fail-open if Redis unavailable)
- Integrated into AuthService Login method:
  * Check account lockout status before login
  * Record failed attempts (even for non-existent users to prevent enumeration)
  * Reset failed attempts counter on successful login
  * Auto-unlock expired accounts
- Added SetAccountLockoutService method to AuthService
- Service initialized in router when Redis is available

Phase: PHASE-4
Priority: P1
Progress: 9/267 (3.4%)

2025-12-24 12:10:41 +01:00

2 commits