Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

登录的用户状态提示支持可配置 #1434

Open
nannan00 opened this issue Nov 29, 2023 · 2 comments
Open

登录的用户状态提示支持可配置 #1434

nannan00 opened this issue Nov 29, 2023 · 2 comments
Assignees
@nannan00 @Xmandon
Labels
tenant 多租户版本功能

Comments

@nannan00
Copy link
Collaborator

nannan00 commented Nov 29, 2023
edited
Loading

背景:登录时可能会有很多种错误,比如用户不存在、用户状态冻结、被锁等等,但是由于安全原因,只能提示 ”用户名或密码不正确“,导致用户无法知道明确原因,而只能不断无目标的尝试

对于确保网络安全(比如完全内网环境)的情况, 允许配置显示精准的登录失败原因提示

  • 检查所有提示点
  • 全局配置 or 租户配置?
  • 每个提示点一个配置项,还是所有提示统一使用一个配置(全关/全开)

对于无法保证网络安全的情况,可以考虑接入防水验证码服务,如 https://cloud.tencent.com/document/product/1110/36334

关联 issue: 忘记密码 - 通过邮箱 / 手机号找回安全增强(#1564 )
@nannan00 nannan00 added the tenant 多租户版本功能 label Nov 29, 2023
@Xmandon
Copy link
Collaborator

Xmandon commented Dec 5, 2023

统一配置就可以了
全局配置

@Xmandon
Copy link
Collaborator

Xmandon commented Dec 5, 2023

交互待补充

@nannan00 nannan00 changed the title 登录的用户状态提示支持可配置 敏感场景执行防水验证 Feb 20, 2024
@nannan00 nannan00 changed the title 敏感场景执行防水验证 登录的用户状态提示支持可配置 Feb 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nannan00 nannan00

@Xmandon Xmandon

Labels
tenant 多租户版本功能
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nannan00 @Xmandon