Reviewers: ,
Please review this at http://codereview.tryton.org/852002/ Affected files: M trytond/res/user.py Index: trytond/res/user.py =================================================================== --- a/trytond/res/user.py +++ b/trytond/res/user.py @@ -460,11 +460,11 @@ if isinstance(password, unicode): password = password.encode('utf-8') password_sha = hashlib.sha1(password).hexdigest() + time.sleep(2 ** LoginAttempt.count(user_id) - 1) if password_sha == user_password: LoginAttempt.delete(user_id) return user_id LoginAttempt.add(user_id) - time.sleep(2 ** LoginAttempt.count(user_id)) return 0 @@ -491,8 +491,11 @@ @classmethod def count(cls, user_id): cursor = Transaction().cursor - cursor.execute('SELECT count(1) FROM "' - + cls._table + '" WHERE "user" = %s', (user_id,)) + delay = (datetime.datetime.now() + - datetime.timedelta(seconds=int(CONFIG['session_timeout']))) + cursor.execute('SELECT count(1) FROM "' + cls._table + '" ' + 'WHERE "user" = %s AND create_date >= %s', + (user_id, delay)) return cursor.fetchone()[0]
