feat: make attemptLockout rules injectable in the Config interface #1433
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: fc-santos <filipesantos@live.ca>
Signed-off-by: fc-santos <filipesantos@live.ca>
Signed-off-by: fc-santos <filipesantos@live.ca>
Signed-off-by: fc-santos <filipesantos@live.ca>
There was a problem hiding this comment.
Not gonna stop this PR from being merged as-is, but I wonder if these two config objects (attemptLockoutBaseRules and attemptLockoutThresholdRules) could be merged and simplified a bit - just attemptLockoutRules? It would be easier to read and remove the need for some of the destructuring and extra effect dependencies in PINEnter.tsx. What do you think?
Signed-off-by: fc-santos <filipesantos@live.ca>
Signed-off-by: fc-santos <filipesantos@live.ca>
|
al-rosenthal
approved these changes
Feb 11, 2025
MaSMas0
pushed a commit
to MosCD3/aries-mobile-agent-react-native
that referenced
this pull request
Feb 17, 2025
…penwallet-foundation#1433) Signed-off-by: fc-santos <filipesantos@live.ca> Signed-off-by: Mohamed Abd El-Samie Ahmad Mansour <masmas04@gmail.com>
MaSMas0
pushed a commit
to MosCD3/aries-mobile-agent-react-native
that referenced
this pull request
Feb 17, 2025
…penwallet-foundation#1433) Signed-off-by: fc-santos <filipesantos@live.ca> Signed-off-by: Mohamed Abd El-Samie Ahmad Mansour <masmas04@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary of Changes
This PR makes the attempt lockout rules injectable in the Config interface. The default values are as seen in the
constants.tsfile. If a wallet decides to make their own rules, the attemptLockoutBaseRules keys need to be multiples of the attemptLockoutThresholdRules.attemptIncrement.Screenshots, videos, or gifs
N/A
Breaking change guide
N/A
Related Issues
This also fixes an issue where after the first 5 tries, the user gets locked out for 1 minute. After the user has served the 1 minute penalty, they can try again. But then if they make the wrong PIN, they get locked out right away and the penalty doesn't increase (it stays locked for 1 minute).
Pull Request Checklist
Tick all boxes below to demonstrate that you have completed the respective task. If the item does not apply to your this PR check it anyway to make it apparent that there's nothing to do.
Signed-off-byline (we use the DCO GitHub app to enforce this)If you have any questions to any of the points above, just submit and ask! This checklist is here to help you, not to deter you from contributing!
Pro Tip 🤓