track_failed_login not called when the login_failed signal fires
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical SSO provider |
Fix Released
|
Medium
|
Daniel Manrique |
Bug Description
I think the track_failed_login method is not being called when login_failed signal is fired.
The method is registered to the signal and scoped to sender=Account:
login_failed.
track_
dispatch_
But this signal is only ever called in two places:
webui/views/ui.py line 215:
except AuthenticationError as e:
# track failed login attempt
(This is in the post method for LoginView, so sender=A LoginView Instance (not Account, so the track_failed_login method will not be called).
Second call:
api/v20/handlers.py line 356:
if account is None:
# track failed login attempt
This is in the create method for AccountLoginHandler so sender=an AccountLoginHandler instance. Again, the track_failed_login will not be called.
Reading the tests, I think there is:
1- A test (src/webui/
2- A test (test_signals.py) to verify the side-effects from track_failed_login are correct. It's invoked with a mock object for the sender argument, but this assumes the signal dispatcher invoked the method (which doesn't happen if the sender=Account scipe is not satisfied, something not tested here).
How to reproduce:
1- Bootstrap SSO environment, make run
2- Register an account and log out
3- Set up a way to observe side-effects of track_failed_login (I simply put a print("HELLO") statement in the method itself).
4- Try to log in with your account using a bad password.
5- Verify that your side-effect observation doesn't show evidence that the method was called (no HELLO log to the console in my case).
Related branches
- Ricardo Kirkner (community): Approve
-
Diff: 76 lines (+39/-3)2 files modifiedsrc/identityprovider/signals.py (+2/-2)
src/webui/tests/test_views_ui.py (+37/-1)
Changed in canonical-identity-provider: | |
importance: | Undecided → Medium |
status: | New → In Progress |
assignee: | nobody → Daniel Manrique (roadmr) |
Changed in canonical-identity-provider: | |
status: | In Progress → Fix Committed |
Changed in canonical-identity-provider: | |
status: | Fix Committed → Fix Released |