15 Commits

Author SHA1 Message Date
90e9e943b2 bugfix 2026-04-26 15:14:33 +08:00
7b36e2d159 bugfix 2026-04-26 15:02:32 +08:00
59f68c3141 bugfix 2026-04-26 15:01:05 +08:00
8aada101ca fix(rbac): remove MySQL-specific SQL for cross-database compatibility
- Replace DATE_SUB(NOW(), INTERVAL 300 SECOND) with Python-level time check
- Replace NOW() with parameterized timestamps from Python
- Lockout check now done in _is_locked() function (DB-agnostic)
- All UPDATE statements use parameterized values, not DB functions
- Works with MySQL, PostgreSQL, SQLite, SQL Server, Oracle
2026-04-26 11:04:15 +08:00
622b0558b9 fix(rbac): fix high-concurrency race conditions in login and cache
1. Login lockout race condition:
   - Replace SELECT-then-UPDATE with atomic database operations
   - Lockout check now in SQL WHERE clause (DATE_SUB comparison)
   - Fail count increment: UPDATE ... SET count = count + 1 (atomic)
   - Applied to checkUserPassword, basic_auth, up_login.dspy, phone_login.dspy

2. Cache threading.Lock -> asyncio.Lock:
   - LRUCache now uses lazy-init asyncio.Lock
   - Prevents blocking the event loop in async environment
   - UserPermissions._rp_lock also uses asyncio.Lock
   - Double-check pattern in load_roleperms prevents duplicate DB loads

3. Use database NOW() instead of Python curDateString for concurrent updates
2026-04-26 10:58:13 +08:00
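Added example, not the project's own code: a sketch of the cache pattern that item 2 of commit 622b0558b9 describes (LRUCache with a lazily created asyncio.Lock, UserPermissions._rp_lock created the same way, and the double-check in load_roleperms that stops concurrent misses from each hitting the database). The class and method names follow the commit message; the constructor arguments, the `loader` callback standing in for the DB query, the `double_check` switch and the demo functions are assumptions made for this illustration.

```python
import asyncio
import time
from collections import OrderedDict


class LRUCache:
    """LRU + TTL cache guarded by a lazily created asyncio.Lock (assumed shape)."""

    def __init__(self, maxsize=1024, ttl=300.0, clock=time.monotonic):
        self.maxsize = maxsize
        self.ttl = ttl
        self._clock = clock           # injectable so expiry can be tested without sleeping
        self._data = OrderedDict()    # key -> (expires_at, value); last item = most recently used
        self._lock = None             # deliberately not created in __init__

    def _get_lock(self):
        # Lazy init: an asyncio.Lock binds to the running loop on first use, so creating it
        # inside a coroutine avoids "attached to a different loop" for caches built at import
        # time. There is no await between the check and the assignment, so this cannot race.
        if self._lock is None:
            self._lock = asyncio.Lock()
        return self._lock

    async def get(self, key):
        async with self._get_lock():
            item = self._data.get(key)
            if item is None:
                return None
            expires_at, value = item
            if expires_at <= self._clock():   # TTL elapsed: drop it and report a miss
                del self._data[key]
                return None
            self._data.move_to_end(key)       # mark as most recently used
            return value

    async def set(self, key, value):
        async with self._get_lock():
            self._data[key] = (self._clock() + self.ttl, value)
            self._data.move_to_end(key)
            while len(self._data) > self.maxsize:
                self._data.popitem(last=False)   # evict least recently used


class UserPermissions:
    """Role-permission loader using the double-check pattern around the DB load."""

    def __init__(self, cache, loader, double_check=True):
        self._cache = cache
        self._load = loader               # async callable userid -> permissions (stands in for the DB query)
        self._rp_lock = None              # also created lazily, same reasoning as above
        self.double_check = double_check  # switch exists only to show what the re-check buys
        self.db_loads = 0

    async def load_roleperms(self, userid):
        perms = await self._cache.get(userid)
        if perms is not None:
            return perms                  # hit: no lock needed
        if self._rp_lock is None:
            self._rp_lock = asyncio.Lock()
        async with self._rp_lock:
            if self.double_check:
                perms = await self._cache.get(userid)   # re-check: a waiter may have filled it
                if perms is not None:
                    return perms
            self.db_loads += 1
            perms = await self._load(userid)
            await self._cache.set(userid, perms)
            return perms


def concurrent_load_demo(n=20, double_check=True):
    """n coroutines ask for the same user's permissions at once. Returns (db_loads, all_correct)."""
    async def fake_db_loader(userid):
        await asyncio.sleep(0.01)         # simulated query latency; yields to the other coroutines
        return frozenset({"read", "write"}) if userid == 42 else frozenset()

    async def go():
        up = UserPermissions(LRUCache(maxsize=8, ttl=60.0), fake_db_loader, double_check)
        results = await asyncio.gather(*(up.load_roleperms(42) for _ in range(n)))
        return up.db_loads, all(r == frozenset({"read", "write"}) for r in results)
    return asyncio.run(go())


def ttl_and_lru_demo():
    """LRU eviction and TTL expiry driven by a fake clock. Returns (before_expiry, after_expiry)."""
    now = [1000.0]

    async def go():
        cache = LRUCache(maxsize=2, ttl=5.0, clock=lambda: now[0])
        await cache.set("a", 1)
        await cache.set("b", 2)
        await cache.get("a")              # touch "a": "b" becomes least recently used
        await cache.set("c", 3)           # over capacity: "b" is evicted
        before = (await cache.get("a"), await cache.get("b"), await cache.get("c"))
        now[0] += 5.0                     # TTL elapsed for everything
        after = (await cache.get("a"), await cache.get("c"))
        return before, after
    return asyncio.run(go())


if __name__ == "__main__":
    print(concurrent_load_demo(double_check=True))    # (1, True)
    print(concurrent_load_demo(double_check=False))   # (20, True)
    print(ttl_and_lru_demo())
```

With the re-check in place, twenty simultaneous misses for the same user produce one database load; without it every waiter that queued on `_rp_lock` loads again after the first one finishes, which is the duplicate-load problem the commit message names.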
3fdd4efeff feat(rbac): add login tracking, lockout, secure cache
- Add created_at, last_login, login_fail_count, last_login_fail fields
- 3 failed logins locks account for 5 minutes
- LRU+TTL cache for UserPermissions, thread-safe
- All login methods update last_login
- Migration SQL for existing databases
2026-04-26 10:49:01 +08:00
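Added example, not the project's own code: the login lockout as the three fix(rbac) commits above end up describing it (3fdd4efeff: 3 failed logins lock the account for 5 minutes; 622b0558b9: `login_fail_count = login_fail_count + 1` done atomically in the UPDATE; 8aada101ca: timestamps passed as parameters from Python and the lockout decided in `_is_locked()` rather than with DATE_SUB/NOW()), run against an in-memory SQLite table so it works offline. The `users` table name, the text timestamp format, the `check_user_password` signature and the demo fixtures are assumptions; the plaintext password column exists only to keep the demo short.

```python
import hmac
import sqlite3
from datetime import datetime, timedelta, timezone

MAX_FAILS = 3                      # 3 failed logins ...
LOCKOUT = timedelta(seconds=300)   # ... lock the account for 5 minutes
TS_FMT = "%Y-%m-%d %H:%M:%S"       # assumed: timestamps stored as UTC text built in Python


def _fmt(dt):
    return dt.strftime(TS_FMT)


def _parse(s):
    return datetime.strptime(s, TS_FMT).replace(tzinfo=timezone.utc)


def make_db(username="alice", password="correct horse"):
    """Constructed fixture: an in-memory table with the columns the feature commit adds.
    The table name is assumed; a plaintext password column is for the demo only."""
    conn = sqlite3.connect(":memory:")
    conn.execute("""CREATE TABLE users (
        id INTEGER PRIMARY KEY,
        username TEXT UNIQUE NOT NULL,
        password TEXT NOT NULL,
        created_at TEXT,
        last_login TEXT,
        login_fail_count INTEGER NOT NULL DEFAULT 0,
        last_login_fail TEXT)""")
    conn.execute("INSERT INTO users (username, password, created_at) VALUES (?, ?, ?)",
                 (username, password, _fmt(datetime(2026, 4, 26, tzinfo=timezone.utc))))
    conn.commit()
    return conn


def _is_locked(fail_count, last_fail, now):
    """Lockout decided in Python from stored values: no DATE_SUB/NOW(), so any backend works."""
    if fail_count < MAX_FAILS or last_fail is None:
        return False
    return now - _parse(last_fail) < LOCKOUT


def check_user_password(conn, username, password, now):
    """Returns 'ok', 'locked' or 'bad'. `now` is injected so the scenario below can move time."""
    row = conn.execute(
        "SELECT id, password, login_fail_count, last_login_fail FROM users WHERE username = ?",
        (username,)).fetchone()
    if row is None:
        return "bad"
    uid, stored, fail_count, last_fail = row
    if _is_locked(fail_count, last_fail, now):
        return "locked"
    if hmac.compare_digest(stored.encode(), password.encode()):
        # success: record last_login and clear the counter; timestamp is a bound parameter
        conn.execute("UPDATE users SET last_login = ?, login_fail_count = 0, last_login_fail = NULL "
                     "WHERE id = ?", (_fmt(now), uid))
        conn.commit()
        return "ok"
    # failure: increment inside the database, never read-modify-write in Python
    conn.execute("UPDATE users SET login_fail_count = login_fail_count + 1, last_login_fail = ? "
                 "WHERE id = ?", (_fmt(now), uid))
    conn.commit()
    return "bad"


def fail_state(conn, username):
    return conn.execute("SELECT login_fail_count, last_login_fail FROM users WHERE username = ?",
                        (username,)).fetchone()


def run_scenario(conn, username, attempts):
    """attempts: [(seconds_offset, password)]; returns the outcome of each attempt in order."""
    t0 = datetime(2026, 4, 26, 12, 0, 0, tzinfo=timezone.utc)
    return [check_user_password(conn, username, pw, t0 + timedelta(seconds=off))
            for off, pw in attempts]


def lost_update_demo():
    """The pre-fix shape (SELECT the count, then UPDATE count = value) under two interleaved
    failures: both read 0 and both write 1, so one failure is never counted. The atomic form
    counts both. The interleaving is scripted here instead of using threads."""
    conn = make_db()
    read = lambda: conn.execute("SELECT login_fail_count FROM users WHERE id = 1").fetchone()[0]
    c1, c2 = read(), read()                      # two requests read before either writes
    for c in (c1, c2):
        conn.execute("UPDATE users SET login_fail_count = ? WHERE id = 1", (c + 1,))
    naive = read()
    conn.execute("UPDATE users SET login_fail_count = 0 WHERE id = 1")
    for _ in range(2):
        conn.execute("UPDATE users SET login_fail_count = login_fail_count + 1 WHERE id = 1")
    return naive, read()


if __name__ == "__main__":
    db = make_db()
    print(run_scenario(db, "alice", [(0, "x"), (1, "x"), (2, "x"), (3, "correct horse"),
                                     (301, "correct horse"), (302, "correct horse"), (303, "x")]))
    print(lost_update_demo())
```

Note that the lock check itself is still a read followed by a conditional update, which is acceptable here: two requests that both pass the check while the count is below the limit each add one to the counter and neither increment is lost, so the account still locks on the third failure. A wrong password after the window has expired re-locks immediately because the count is not reset on expiry; resetting it would need a conditional expression in the UPDATE or a second parameterized statement.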
059df2aef2 bugfix 2026-03-26 11:49:12 +08:00
0c69929a72 bugfix 2026-03-25 17:40:17 +08:00
6eb707d8bf bugfix 2026-03-23 11:11:09 +08:00
yumoqing 819618a601 bugfix 2026-03-21 18:15:56 +08:00
yumoqing 5f805201ea bugfix 2026-03-21 15:42:28 +08:00
yumoqing 4e27e9df68 bugfix 2026-03-21 15:31:36 +08:00
yumoqing aec602ebd3 bugfix 2026-03-21 10:17:17 +08:00
f27f1ece0b bugfix 2026-03-20 12:59:30 +08:00
e0c7596444 bugfix 2026-03-18 14:09:28 +08:00