security: implement user lockout (#1552)

* add data-types required for login security * implement user lockout checking at login * cleanup legacy patterns * expose passwords in test_user * test user lockout after bad attempts * test user service * bump alembic version * save increment to database * add locked_at to datetime transformer on import * do proper test cleanup * implement scheduled task * spelling * document env variables * implement context manager for session * use context manager * implement reset script * cleanup generator * run generator * implement API endpoint for resetting locked users * add button to reset all locked users * add info when account is locked * use ignore instead of expect-error
2025-07-24 15:49:42 +02:00 · 2022-08-13 13:18:12 -08:00 · 2022-08-13 13:18:12 -08:00 · b3c41a4bd0
commit b3c41a4bd0
parent ca64584fd1
35 changed files with 450 additions and 46 deletions
--- a/frontend/pages/admin/manage/users/index.vue
+++ b/frontend/pages/admin/manage/users/index.vue
@ -10,9 +10,22 @@
    <BaseCardSectionTitle title="User Management"> </BaseCardSectionTitle>
    <section>
      <v-toolbar color="background" flat class="justify-between">
-        <BaseButton to="/admin/manage/users/create">
+        <BaseButton to="/admin/manage/users/create" class="mr-2">
          {{ $t("general.create") }}
        </BaseButton>
+
+        <BaseOverflowButton
+          mode="event"
+          :items="[
+            {
+              text: 'Reset Locked Users',
+              icon: $globals.icons.lock,
+              event: 'unlock-all-users',
+            },
+          ]"
+          @unlock-all-users="unlockAllUsers"
+        >
+        </BaseOverflowButton>
      </v-toolbar>
      <v-data-table
        :headers="headers"
@ -53,14 +66,15 @@

 <script lang="ts">
 import { defineComponent, reactive, ref, toRefs, useContext, useRouter } from "@nuxtjs/composition-api";
-import { useUserApi } from "~/composables/api";
+import { useAdminApi } from "~/composables/api";
+import { alert } from "~/composables/use-toast";
 import { useUser, useAllUsers } from "~/composables/use-user";
 import { UserOut } from "~/types/api-types/user";

 export default defineComponent({
  layout: "admin",
  setup() {
-    const api = useUserApi();
+    const api = useAdminApi();
    const refUserDialog = ref();

    const { i18n } = useContext();
@ -97,9 +111,20 @@ export default defineComponent({
      { text: i18n.t("general.delete"), value: "actions", sortable: false, align: "center" },
    ];

+    async function unlockAllUsers(): Promise<void> {
+      const { data } = await api.users.unlockAllUsers(true);
+
+      if (data) {
+        const unlocked = data.unlocked ?? 0;
+
+        alert.success(`${unlocked} user(s) unlocked`);
+        refreshAllUsers();
+      }
+    }
+
    return {
+      unlockAllUsers,
      ...toRefs(state),
-      api,
      headers,
      deleteUser,
      loading,