Merge pull request #1127 from LogicalPhallacy/lockoutfix

Add configurable user lockout

Emby.Server.Implementations/Library/UserManager.cs

@@ -448,11 +448,19 @@ namespace Emby.Server.Implementations.Library
 
             user.Policy.InvalidLoginAttemptCount = newValue;
 
-            var maxCount = user.Policy.IsAdministrator ? 3 : 5;
+            // Check for users without a value here and then fill in the default value
+            // also protect from an always lockout if misconfigured
+            if (user.Policy.LoginAttemptsBeforeLockout == null || user.Policy.LoginAttemptsBeforeLockout == 0)
+            {
+                user.Policy.LoginAttemptsBeforeLockout = user.Policy.IsAdministrator ? 5 : 3;
+            }
+
+            var maxCount = user.Policy.LoginAttemptsBeforeLockout;
 
             var fireLockout = false;
 
-            if (newValue >= maxCount)
+            // -1 can be used to specify no lockout value
+            if (maxCount != -1 && newValue >= maxCount)
             {
                 _logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue);
                 user.Policy.IsDisabled = true;

MediaBrowser.Model/Users/UserPolicy.cs

@@ -66,6 +66,7 @@ namespace MediaBrowser.Model.Users
         public bool EnableAllFolders { get; set; }
 
         public int InvalidLoginAttemptCount { get; set; }
+        public int? LoginAttemptsBeforeLockout { get; set; }
 
         public bool EnablePublicSharing { get; set; }
 
@@ -104,6 +105,8 @@ namespace MediaBrowser.Model.Users
 
             AccessSchedules = Array.Empty<AccessSchedule>();
 
+            LoginAttemptsBeforeLockout = -1;
+
             EnableAllChannels = true;
             EnabledChannels = Array.Empty<string>();