diff --git a/Emby.Server.Implementations/Library/UserManager.cs b/Emby.Server.Implementations/Library/UserManager.cs index ee90b3558e..4cf703add5 100644 --- a/Emby.Server.Implementations/Library/UserManager.cs +++ b/Emby.Server.Implementations/Library/UserManager.cs @@ -448,11 +448,19 @@ namespace Emby.Server.Implementations.Library user.Policy.InvalidLoginAttemptCount = newValue; - var maxCount = user.Policy.IsAdministrator ? 3 : 5; + // Check for users without a value here and then fill in the default value + // also protect from an always lockout if misconfigured + if (user.Policy.LoginAttemptsBeforeLockout == null || user.Policy.LoginAttemptsBeforeLockout == 0) + { + user.Policy.LoginAttemptsBeforeLockout = user.Policy.IsAdministrator ? 5 : 3; + } + + var maxCount = user.Policy.LoginAttemptsBeforeLockout; var fireLockout = false; - if (newValue >= maxCount) + // -1 can be used to specify no lockout value + if (maxCount != -1 && newValue >= maxCount) { _logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue); user.Policy.IsDisabled = true; diff --git a/MediaBrowser.Model/Users/UserPolicy.cs b/MediaBrowser.Model/Users/UserPolicy.cs index 27ce23778e..5415fd5e81 100644 --- a/MediaBrowser.Model/Users/UserPolicy.cs +++ b/MediaBrowser.Model/Users/UserPolicy.cs @@ -66,6 +66,7 @@ namespace MediaBrowser.Model.Users public bool EnableAllFolders { get; set; } public int InvalidLoginAttemptCount { get; set; } + public int? LoginAttemptsBeforeLockout { get; set; } public bool EnablePublicSharing { get; set; } @@ -104,6 +105,8 @@ namespace MediaBrowser.Model.Users AccessSchedules = Array.Empty(); + LoginAttemptsBeforeLockout = -1; + EnableAllChannels = true; EnabledChannels = Array.Empty();