From 5289cdd7476ce382ce4b38be23fc3d1605954d2f Mon Sep 17 00:00:00 2001
From: Moritz Bunkus <m.bunkus@linet-services.de>
Date: Thu, 27 Sep 2012 15:50:11 +0200
Subject: [PATCH] =?utf8?q?Konfigurationsoption=20f=C3=BCr=20Wartezeit=20na?=
 =?utf8?q?ch=20fehlgeschlagenen=20Logins?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 SL/Auth.pm                    | 3 ++-
 config/kivitendo.conf.default | 4 ++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/SL/Auth.pm b/SL/Auth.pm
index ed5c84543..52c2dc63d 100644
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -194,7 +194,8 @@ sub authenticate {
 }
 
 sub punish_wrong_login {
-  sleep 5;
+  my $failed_login_penalty = ($::lx_office_conf{authentication} || {})->{failed_login_penalty};
+  sleep $failed_login_penalty if $failed_login_penalty;
 }
 
 sub get_stored_password {
diff --git a/config/kivitendo.conf.default b/config/kivitendo.conf.default
index 879dab0b9..127eb3c56 100644
--- a/config/kivitendo.conf.default
+++ b/config/kivitendo.conf.default
@@ -16,6 +16,10 @@ cookie_name = kivitendo_session_id
 # hours.
 session_timeout = 480
 
+# The number of seconds to penalize failed login attempts. 0 disables
+# it.
+failed_login_penalty = 5
+
 [authentication/database]
 # Connection information for the database with the user and group
 # inforamtion.  This information is always needed, even if LDAP is
-- 
2.20.1