azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-06-21 21:11:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1bdbe8c96d2d909897ef08db94847c628938c310
admin/_docs/02_document/modules/common_configs_auth_config.md
T
Oleksandr Bezdieniezhnykh a77b3f8a59 [AZ-529] [AZ-530] Cycle-2 documentation refresh 
Refreshes _docs/02_document/ to reflect the cycle-2 auth-modernization
+ CMMC hardening landings (AZ-531..AZ-538). Authoritative source for
the ripple set is ripple_log_cycle2.md.

Covered:
- architecture.md (section 1 rewritten, ADRs 6-9 added)
- data_model.md (sessions, audit_events, user columns, migrations)
- system-flows.md (F1 rewritten; F11-F17 added; F2/F7/F9 minor)
- module-layout.md (cycle-2 sub-component table)
- diagrams/flows/flow_login.md (dual-token + MFA)
- components/{01_data_layer,03_auth_and_security,05_admin_api}
- modules/ (12 new, 8 modified — full Argon2id/ES256/MFA/refresh
  /mission/session/audit/jwks rollup)
- tests/{blackbox,security,traceability-matrix}

Step 13 (Update Docs) output for cycle 2.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-14 09:22:53 +03:00

2.8 KiB
Raw Blame History

Module: Azaion.Common.Configs.AuthConfig

Purpose

Configuration POCO bundling the per-IP / per-account login rate-limit knobs and the consecutive-failure account-lockout policy. Bound from appsettings.json section AuthConfig.

Added in cycle 2 (2026-05-14) by AZ-537 (Epic AZ-530, CMMC AC.L2-3.1.8).

Public Interface

AuthConfig

Property Type Description
RateLimit RateLimitOptions Per-IP and per-account login rate-limit windows.
Lockout LockoutOptions Consecutive-failure threshold and lockout duration.

RateLimitOptions

Property Type Default Description
PerIpPermitLimit int 10 Allowed login attempts per IP per PerIpWindowSeconds. Enforced by ASP.NET Core's built-in sliding-window limiter on /login (and /login/mfa).
PerIpWindowSeconds int 60 Window length for the per-IP limiter.
PerAccountPermitLimit int 5 Allowed failed login attempts per email per PerAccountWindowSeconds. Enforced by UserService.ValidateUser against AuditLog.CountRecentFailedLogins.
PerAccountWindowSeconds int 300 Window length for the per-account limiter (5 min).

LockoutOptions

Property Type Default Description
MaxAttempts int 10 Consecutive failed logins that trigger lockout. Counter lives on users.failed_login_count.
DurationSeconds int 900 Lockout duration (15 min). Sets users.lockout_until = now() + DurationSeconds.

Internal Logic

None — pure data class.

Dependencies

None.

Consumers

  • Program.cs — registers via builder.Services.Configure<AuthConfig>(...) and reads it eagerly to build the per-IP SlidingWindowLimiter partition.
  • UserService.ValidateUser — reads RateLimit.PerAccountPermitLimit / PerAccountWindowSeconds for the per-account rate limit and Lockout.MaxAttempts / DurationSeconds for lockout enforcement.

Data Models

None.

Configuration

Bound via builder.Configuration.GetSection(nameof(AuthConfig)). Override via env vars like AuthConfig__Lockout__MaxAttempts=15.

External Integrations

None.

Security

  • Per-IP limit is in-memory (process-local); a multi-instance admin deployment would either need sticky-sessions on /login or a Redis-backed limiter (called out as a known upgrade path in _docs/05_security/security_report.md).
  • Per-account limit is DB-backed (via audit_events) so it survives process restarts and is consistent across instances.
  • Lockout precedence: a locked account returns 423 Locked even for a correct password until lockout_until passes (CMMC AC.L2-3.1.8 requires this).

Tests

  • e2e/Azaion.E2E/Tests/RateLimitLockoutTests.cs — covers AC-1..AC-6 of AZ-537 with the default values from this config.
Reference in New Issue View Git Blame Copy Permalink