-
Notifications
You must be signed in to change notification settings - Fork 286
Add login attempts limit Hint and block due time. #217
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You don't need moment, we are already using date-fns, can you please use that instead?
Do we want the user to know the time for blocking? I don't know, an attacker could be using that to schedule brute force attacks.
It's been more than a year with this PR open, I appreciate the time on this, but personally, I think giving the user hints about how long the login will be blocked is a security issue. I will close it, let me know if you have questions.
Hi again
Added login error details message and locked expiration date
and use 'moment' as a datetime formatter.