Hi Florian Following are the review comments:
- The "MAX_LOGIN_ATTEMPTS" parameter is not present in the *config.py*. It should be there with some default value maybe 3. - Can be added like ########################################################################## # MAX_LOGIN_ATTEMPTS which sets the number of failed login attempts that # are allowed. If this value is exceeded the account is locked and can be # reset by an administrator. By setting the variable to the value zero # this feature is deactivated. ########################################################################## MAX_LOGIN_ATTEMPTS = 3 - I have tested by specifying the above value, and it seems the logic is not correct. I can perform N number of unsuccessful attempts and when I provided the correct password it shows the flash message "Account locked". - Once the account is locked, the pgAdmin4 server needs to restart, can we make it time-bound? I mean after N minutes user can try again, so no need to restart the pgAdmin4 server. On Wed, Jul 14, 2021 at 9:29 PM Florian Sabonchi <sabon...@posteo.de> wrote: > Hi I have a patch for bug #6337, in this patch you have the possibility > to set in the configuration file the value MAX_LOGIN_ATTEMPTS which sets > the number of failed login attempts that are allowed. If this value is > exceeded the account is locked and can be reset by an administrator. By > setting the variable to the value zero this feature is deactivated this > is necessary if the account of the administrator was locked. > > Comment: > > Unfortunately the test cases fail because there seems to be a bug with > the migration, but unfortunately I was not able to locate this bug. > > Unfortunately, in my opinion, the documentation does not sufficiently > explain how to correctly create the migrations. > > I would be very happy if you could expand the documentation in the > future what this concerns and create a detailed guide to create a > migration. (This also concerns the instructions for the integration test) > > With kind regards, > > Florian Sabonchi > > -- *Thanks & Regards* *Akshay Joshi* *pgAdmin Hacker | Principal Software Architect* *EDB Postgres <http://edbpostgres.com>* *Mobile: +91 976-788-8246*
