Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(query): Support check password policy when login #14124

Merged
merged 6 commits into from
Jan 4, 2024
Merged

feat(query): Support check password policy when login #14124

merged 6 commits into from
Jan 4, 2024

Conversation

b41sh
Copy link
Member

@b41sh b41sh commented Dec 21, 2023
edited
Loading

I hereby agree to the terms of the CLA available at: https://docs.databend.com/dev/policies/cla/

Summary

Briefly describe what this PR aims to solve. Include background context that will help reviewers understand the purpose of the PR.

  • UserInfo Add the following fields for password-related information verification
    • history_auth_infos: Vec<AuthInfo>: Recently changed history passwords, used to detect whether the newly changed password is repeated with the history passwords.
    • password_fail_ons: Vec<DateTime<Utc>>: The time of the most recent failed login with wrong passwords, used to detect whether the number of failed logins exceeds the limit, if so, the login will be locked for a while.
    • password_update_on: Option<DateTime<Utc>>: The time of the last password change, used to check if the minimum allowed time has been exceeded when changing the password, and to check if the maximum time that must be changed has been exceeded when login.
    • lockout_time: Option<DateTime<Utc>>: Login lockout time, records the end time of login lockout due to multiple password fails.
  • when changing the password, determine whether the minimum number of days is exceeded and whether the password is repeated with the historical passwords.
  • When login, determine whether the maximum number of fails has been exceeded, whether the login is locked, and whether the maximum number of days to change the password is exceeded.

Fixes #13994

Tests

  • Unit Test
  • Logic Test
  • Benchmark Test
  • No Test - Explain why

Type of change

  • Bug Fix (non-breaking change which fixes an issue)
  • New Feature (non-breaking change which adds functionality)
  • Breaking Change (fix or feature that could cause existing functionality not to work as expected)
  • Documentation Update
  • Refactoring
  • Performance Improvement
  • Other (please describe):

This change is Reviewable

@github-actions github-actions bot added the pr-feature this PR introduces a new feature to the codebase label Dec 21, 2023
@b41sh b41sh force-pushed the feat-password-policy-2 branch 2 times, most recently from 3425f23 to 776751e Compare December 25, 2023 15:49
@b41sh b41sh force-pushed the feat-password-policy-2 branch from f695a9d to 42fcc26 Compare January 2, 2024 09:12
@b41sh b41sh force-pushed the feat-password-policy-2 branch from d83834a to 9af0c8c Compare January 2, 2024 10:34
@b41sh b41sh requested a review from sundy-li January 3, 2024 11:11
@b41sh b41sh marked this pull request as ready for review January 3, 2024 11:11
@b41sh b41sh requested a review from drmingdrmer as a code owner January 3, 2024 11:11
drmingdrmer
drmingdrmer reviewed Jan 3, 2024
View reviewed changes
Copy link
Member

@drmingdrmer drmingdrmer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The explanation for each field in the PR description is very useful. They should be part of the field comment. So that

Reviewed 13 of 29 files at r1, all commit messages.
Reviewable status: 13 of 29 files reviewed, all discussions resolved (waiting on @sundy-li)

@BohuTANG BohuTANG merged commit c63d107 into databendlabs:main Jan 4, 2024
71 of 72 checks passed
@BohuTANG
Copy link
Member

BohuTANG commented Jan 4, 2024

@soyeric128 For documents. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sundy-li sundy-li sundy-li approved these changes

@drmingdrmer drmingdrmer drmingdrmer approved these changes

Assignees
No one assigned
Labels
pr-feature this PR introduces a new feature to the codebase
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat: PASSWORD POLICY
4 participants
@b41sh @BohuTANG @drmingdrmer @sundy-li