airajena opened a new pull request, #5443: URL: https://github.com/apache/fineract/pull/5443
## Description Adds a configurable global setting to limit login retries and lock accounts after exceeding the configured threshold. Failed attempts are tracked per user, and a successful login resets the counter. This aligns with FINERACT-2004 and provides safer, configurable account protection without changing public APIs. **Key changes** - New global configuration `max-login-retry-attempts` (enabled flag + value). - Track `failed_login_attempts` on `m_appuser` and lock the user when the threshold is reached. - Reset failed attempts on successful authentication. - Added unit tests for login attempt handling and updated integration-test defaults. - Updated API docs with the new configuration entry. **Testing** - `./gradlew :fineract-core:spotlessApply :fineract-core:spotbugsMain :fineract-core:spotbugsTest :fineract-core:checkstyleMain :fineract-core:checkstyleTest` - `./gradlew :fineract-provider:spotlessApply :fineract-provider:spotbugsMain :fineract-provider:spotbugsTest :fineract-provider:checkstyleMain :fineract-provider:checkstyleTest` - `./gradlew :integration-tests:spotlessApply :integration-tests:spotbugsMain :integration-tests:spotbugsTest :integration-tests:checkstyleMain :integration-tests:checkstyleTest` ## Checklist - [x] Write the commit message as per [our guidelines](https://github.com/apache/fineract/blob/develop/CONTRIBUTING.md#pull-requests) - [x] Create/update [unit or integration tests](https://fineract.apache.org/docs/current/#_testing) for verifying the changes made. - [x] Follow our [coding conventions](https://cwiki.apache.org/confluence/display/FINERACT/Coding+Conventions). - [x] Add required Swagger annotation and update API documentation at fineract-provider/src/main/resources/static/legacy-docs/apiLive.htm with details of any API changes - [x] [This PR must not be a "code dump"](https://cwiki.apache.org/confluence/display/FINERACT/Pull+Request+Size+Limit). Large changes can be made in a branch, with assistance. Ask for help on the [developer mailing list](https://fineract.apache.org/#contribute). -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
