From 62dea3fc2ee86bbc82df861fe679490fcbe3769f Mon Sep 17 00:00:00 2001
From: int2001 <joerg@dj7nt.de>
Date: Mon, 13 Jan 2025 15:23:14 +0000
Subject: [PATCH] Make amount of failed logins configurable (defaults to 3)

---
 application/config/config.sample.php | 8 ++++++++
 application/models/User_model.php    | 7 ++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/application/config/config.sample.php b/application/config/config.sample.php
index 6c871f3d0..ed62e8ca2 100644
--- a/application/config/config.sample.php
+++ b/application/config/config.sample.php
@@ -769,3 +769,11 @@ $config['disable_version_check'] = false;
  */
 
 $config['enable_eqsl_massdownload'] = false;
+
+/*
+|--------------------------------------------------------------------------
+| Lock Account after n failed login-attempts
+|--------------------------------------------------------------------------
+ */
+
+$config['max_login_attempts'] = 3;
diff --git a/application/models/User_model.php b/application/models/User_model.php
index 6c3adf85c..597043d29 100644
--- a/application/models/User_model.php
+++ b/application/models/User_model.php
@@ -610,7 +610,12 @@ class User_Model extends CI_Model {
 				return 2;
 			}
 
-			if ($u->row()->login_attempts > 3) {
+			if ($this->config->item('max_login_attempts')) {
+				$maxattempts = $this->config->item('max_login_attempts');
+			} else {
+				$maxattempts = 3;
+			}
+			if ($u->row()->login_attempts > $maxattempts) {
 				$uid = $u->row()->user_id;
 				log_message('debug', "User ID: [$uid] Login rejected because of too many failed login attempts.");
 				return 3;