AshAuthentication.AddOn.AuditLog.IdentityBruteForcePreparation
(ash_authentication v5.0.0-rc.7)
Copy Markdown
View Source
Preparation that rejects an action when the audit log shows too many recent failed attempts for the submitted identity.
Used by strategies whose sign-in / request actions take an identity field
argument (e.g. password sign-in, password reset request, magic-link
request) when configured with brute_force_strategy {:audit_log, :my_audit_log}.
Unlike AshAuthentication.AddOn.AuditLog.BruteForcePreparation — which
keys on the authenticated user's subject and runs after the action — this
preparation keys on the identity argument and runs before the action, so
the check happens without needing to first resolve or load the user.
The window and maximum are read from the following fields on the strategy (both of which mirror the TOTP strategy's DSL options):
audit_log_window- time window for counting failures.audit_log_max_failures- maximum allowed failures before blocking.