privacyidea / privacyidea
Showing 1 of 1 files from the diff.

@@ -53,7 +53,20 @@
Loading
53 53
    db.session.commit()
54 54
55 55
56 -
def delete_from_cache(username, realm, resolver, password):
56 +
def delete_from_cache(username, realm, resolver, password, last_valid_cache_time=None, max_auths=0):
57 +
    """
58 +
    Deletes all authcache entries that match the user and either match the password, are expired, or have reached the
59 +
    maximum number of allowed authentications.
60 +
61 +
    :param username:
62 +
    :param realm:
63 +
    :param resolver:
64 +
    :param password:
65 +
    :param last_valid_cache_time: Oldest valid time for a cache entry to be still valid. I.e., if the first
66 +
    authentication of the entry is before this time point, it is not valid anymore.
67 +
    :param max_auths: Maximum number of allowed authentications.
68 +
    
69 +
    """
57 70
    cached_auths = db.session.query(AuthCache).filter(AuthCache.username == username,
58 71
                                                      AuthCache.realm == realm,
59 72
                                                      AuthCache.resolver == resolver).all()
@@ -64,6 +77,11 @@
Loading
64 77
        try:
65 78
            if argon2.verify(password, cached_auth.authentication):
66 79
                delete_entry = True
80 +
            elif max_auths > 0:
81 +
                delete_entry = cached_auth.auth_count >= max_auths
82 +
            elif last_valid_cache_time is not None:
83 +
                delete_entry = cached_auth.first_auth > last_valid_cache_time
84 +
67 85
        except ValueError:
68 86
            log.debug("Old (non-argon2) authcache entry for user {0!s}@{1!s}.".format(username, realm))
69 87
            # Also delete old entries
@@ -141,6 +159,6 @@
Loading
141 159
142 160
    if not result:
143 161
        # Delete older entries
144 -
        delete_from_cache(username, realm, resolver, password)
162 +
        delete_from_cache(username, realm, resolver, password, first_auth, max_auths)
145 163
146 164
    return result
Files Coverage
privacyidea 96.58%
Project Totals (162 files) 96.58%
Sunburst
The inner-most circle is the entire project, moving away from the center are folders then, finally, a single file. The size and color of each slice is representing the number of statements and the coverage, respectively.
Icicle
The top section represents the entire project. Proceeding with folders and finally individual files. The size and color of each slice is representing the number of statements and the coverage, respectively.
Grid
Each block represents a single file in the project. The size and color of each block is represented by the number of statements and the coverage, respectively.
Loading