Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-11-04 20:36:03 +01:00
Code Issues Packages Projects Releases Activity

IP pseudonymization for rate limiter (#1589)

Browse Source 
requirement of gdpr
This commit is contained in:
Rotzbua
2019-01-15 01:55:56 +01:00
committed by Andy Miller
parent 9cc004f188
commit 4d5eb659c0
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
classes/admin.php
View File

@@ -367,6 +367,9 @@ class Admin
$ipKey = Uri::ip();
$redirect = isset($post['redirect']) ? $post['redirect'] : $this->base . $this->route;
// Pseudonymization of the IP
$ipKey = sha1($ipKey . $this->grav['config']->get('security.salt'));
// Check if the current IP has been used in failed login attempts.
$attempts = count($rateLimiter->getAttempts($ipKey, 'ip'));