Hi Jan > Betreff: [Zope-dev] z3c.password and tracking failed login attempts > > Hi, > > A while ago I asked some questions and made some suggestions > for improving how to track failed login attempts in > z3c.password. Most likely these suggestions got buried in now > a out-of-sight thread and were never noticed. > > My suggestion was that making a request for for example a > resource could still trigger the account locked errors, where > in my opinion only the login attempts themselves should do that. > > I created a branch of z3c.password..: > > > http://svn.zope.org/z3c.password/branches/jw-noraise-for-irrel evant-requests/ > > ..that will check for request relevancy as early as possible. > > All tests pass without modification, but with this change > after an account has been locked out requests for for example > resources will still work. Additionally I think the code is a > tad more readible now. I added a test to demonstrate the > specific behaviour. > > Would any of the z3c.password users/developers object to > having this branch merged to the trunk?
Adam is on holiday this week. I'm sure he will take a look at the branch next monday. Regards Roger Ineichen > regards, jw _______________________________________________ Zope-Dev maillist - [email protected] https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
