Expand description
Account locking and login attempt tracking.
Provides protection against brute-force attacks by tracking failed login attempts and temporarily locking accounts.
§Spring Security Equivalent
Similar to Spring Security’s AuthenticationFailureHandler with
LockoutPolicy and AccountStatusUserDetailsChecker.
§Example
ⓘ
use actix_security::http::security::account::{AccountLockManager, LockConfig};
let lock_manager = AccountLockManager::new(
LockConfig::new()
.max_attempts(5)
.lockout_duration(Duration::from_secs(900)) // 15 minutes
);
// On login attempt
if lock_manager.is_locked("user@example.com").await {
return Err(AuthError::AccountLocked);
}
// On failed login
lock_manager.record_failure("user@example.com").await;
// On successful login
lock_manager.record_success("user@example.com").await;Structs§
- Account
Lock Manager - Account lock manager for tracking failed attempts and locking accounts.
- Account
Stats - Account statistics.
- Lock
Config - Account lock configuration.
Enums§
- Lock
Status - Account lock status.
- Login
Check Result - Result of a login check.
Functions§
- check_
login - Helper function to check login and return detailed result.