Merge pull request #10947 from grafana/use-epoch-for-login-attempt

login: uses epochs for login throtting.

Merge pull request #10947 from grafana/use-epoch-for-login-attempt
login: uses epochs for login throtting.
63f8854a · Leonard Gram · GitHub · 710bb707 · fe357a72 · 63f8854a
Commit 63f8854a authored Feb 19, 2018 by Leonard Gram Committed by GitHub Feb 19, 2018
5 changed files
--- a/pkg/models/login_attempt.go
+++ b/pkg/models/login_attempt.go
@@ -8,7 +8,7 @@ type LoginAttempt struct {
 	Id        int64
 	Username  string
 	IpAddress string
-	Created   time.Time
+	Created   int64
 }
 // ---------------------

--- a/pkg/services/sqlstore/login_attempt.go
+++ b/pkg/services/sqlstore/login_attempt.go
@@ -21,7 +21,7 @@ func CreateLoginAttempt(cmd *m.CreateLoginAttemptCommand) error {
 		loginAttempt := m.LoginAttempt{
 			Username:  cmd.Username,
 			IpAddress: cmd.IpAddress,
-			Created:   getTimeNow(),
+			Created:   getTimeNow().Unix(),
 		}
 		if _, err := sess.Insert(&loginAttempt); err != nil {
@@ -37,8 +37,8 @@ func CreateLoginAttempt(cmd *m.CreateLoginAttemptCommand) error {
 func DeleteOldLoginAttempts(cmd *m.DeleteOldLoginAttemptsCommand) error {
 	return inTransaction(func(sess *DBSession) error {
 		var maxId int64
-		sql := "SELECT max(id) as id FROM login_attempt WHERE created < " + dialect.DateTimeFunc("?")
+		sql := "SELECT max(id) as id FROM login_attempt WHERE created < ?"
-		result, err := sess.Query(sql, cmd.OlderThan)
+		result, err := sess.Query(sql, cmd.OlderThan.Unix())
 		if err != nil {
 			return err
@@ -66,7 +66,7 @@ func GetUserLoginAttemptCount(query *m.GetUserLoginAttemptCountQuery) error {
 	loginAttempt := new(m.LoginAttempt)
 	total, err := x.
 		Where("username = ?", query.Username).
-		And("created >="+dialect.DateTimeFunc("?"), query.Since).
+		And("created >= ?", query.Since.Unix()).
 		Count(loginAttempt)
 	if err != nil {

--- a/pkg/services/sqlstore/migrations/common.go
+++ b/pkg/services/sqlstore/migrations/common.go
@@ -34,6 +34,7 @@ func addTableReplaceMigrations(mg *Migrator, from Table, to Table, migrationVers
 	copyTableData := fmt.Sprintf("copy %v %v to %v", to.Name, fromV, toV)
 	dropTable := fmt.Sprintf("drop %v", tmpTableName)
+	addDropAllIndicesMigrations(mg, fromV, from)
 	addTableRenameMigration(mg, from.Name, tmpTableName, fromV)
 	mg.AddMigration(createTable, NewAddTableMigration(to))
 	addTableIndicesMigrations(mg, toV, to)

--- a/pkg/services/sqlstore/migrations/dashboard_mig.go
+++ b/pkg/services/sqlstore/migrations/dashboard_mig.go
@@ -187,10 +187,7 @@ func addDashboardMigration(mg *Migrator) {
 			{Name: "external_id", Type: DB_Text, Nullable: false},
 			{Name: "updated", Type: DB_DateTime, Nullable: false},
 		},
-		Indices: []*Index{
+		Indices: []*Index{},
-			{Cols: []string{"dashboard_id"}},
-			{Cols: []string{"dashboard_id", "name"}, Type: IndexType},
-		},
 	}
 	mg.AddMigration("create dashboard_provisioning", NewAddTableMigration(dashboardExtrasTable))

--- a/pkg/services/sqlstore/migrations/login_attempt_mig.go
+++ b/pkg/services/sqlstore/migrations/login_attempt_mig.go
@@ -20,4 +20,23 @@ func addLoginAttemptMigrations(mg *Migrator) {
 	mg.AddMigration("create login attempt table", NewAddTableMigration(loginAttemptV1))
 	// add indices
 	mg.AddMigration("add index login_attempt.username", NewAddIndexMigration(loginAttemptV1, loginAttemptV1.Indices[0]))
+	loginAttemptV2 := Table{
+		Name: "login_attempt",
+		Columns: []*Column{
+			{Name: "id", Type: DB_BigInt, IsPrimaryKey: true, IsAutoIncrement: true},
+			{Name: "username", Type: DB_NVarchar, Length: 190, Nullable: false},
+			{Name: "ip_address", Type: DB_NVarchar, Length: 30, Nullable: false},
+			{Name: "created", Type: DB_Int, Default: "0", Nullable: false},
+		},
+		Indices: []*Index{
+			{Cols: []string{"username"}},
+		},
+	}
+	addTableReplaceMigrations(mg, loginAttemptV1, loginAttemptV2, 2, map[string]string{
+		"id":         "id",
+		"username":   "username",
+		"ip_address": "ip_address",
+	})
 }