From a525273af225ba0b4caf7dc2b2992b48ac776ace Mon Sep 17 00:00:00 2001
From: Antonio de la Rosa <webmaster@web-t-sys.com>
Date: Mon, 21 Apr 2025 01:48:11 +0200
Subject: [PATCH] Fix in check login

---
 .../admin2/libraries/check_login_tries.py     | 75 +++++++++++++++++++
 1 file changed, 75 insertions(+)
 create mode 100644 paramecio/modules/admin2/libraries/check_login_tries.py

diff --git a/paramecio/modules/admin2/libraries/check_login_tries.py b/paramecio/modules/admin2/libraries/check_login_tries.py
new file mode 100644
index 0000000..5346865
--- /dev/null
+++ b/paramecio/modules/admin2/libraries/check_login_tries.py
@@ -0,0 +1,75 @@
+from paramecio.libraries.i18n import I18n, PGetText
+from paramecio.libraries.mtemplates import env_theme, PTemplate
+from paramecio.modules.admin2.models.admin import UserAdmin2, LoginTries2, PrivilegesModule2
+from paramecio.libraries.db.webmodel import WebModel
+from paramecio.libraries.db import simplequery
+from settings import config
+from paramecio.libraries.datetime import now, format_local_strtime, timestamp_to_datetime, obtain_timestamp
+from paramecio.libraries.keyutils import create_key_encrypt, create_key
+from time import time
+from paramecio.wsgiapp import app
+#from paramecio.modules.admin2 import admin_app
+from bottle import request, redirect, Bottle, response
+from paramecio.modules.admin2.libraries.loginplugin import check_login
+from paramecio.libraries.sessionplugin import SessionPlugin
+from paramecio.libraries.httputils import GetPostFiles
+from paramecio.libraries.db.formsutils import check_form, csrf_token
+from paramecio.libraries.db.coreforms import PasswordForm
+from paramecio.libraries.sendmail import SendMail
+from paramecio.libraries.db.formsutils import check_csrf
+from paramecio.modules.admin2.libraries.config import modules_admin
+
+login_tries=5
+
+if hasattr(config, 'login_tries'):
+    login_tries=config.login_tries
+
+seconds_login=300
+
+if hasattr(config, 'seconds_login'):
+    seconds_login=config.seconds_login
+
+
+def check_login_tries(request, db):
+    
+    logintries=LoginTries2(db)
+    
+    logintries.safe_query()
+    
+    ip=request.environ.get('HTTP_X_FORWARDED_FOR') or request.environ.get('REMOTE_ADDR')
+    
+    """
+    if 'x-real-ip' in request.headers:
+        ip=request.headers['x-real-ip']
+    elif 'x-forwarded-for' in request.headers:
+        ip=request.headers['x-forwarded-for']
+    else:
+        ip=request.client.host
+    """
+
+    you_cannot_login=0
+    
+    now_str=now()
+    date_now=format_local_strtime('YYYY-MM-DD HH:mm:ss', now_str)
+    
+    date_check=format_local_strtime('YYYY-MM-DD HH:mm:ss', timestamp_to_datetime(obtain_timestamp(now_str)-seconds_login))
+    
+    logintries.query('delete from logintries2 where last_login<%s', [date_check])
+    
+    arr_try=logintries.set_conditions('WHERE ip=%s', [ip]).select_a_row_where()
+    
+    if arr_try:
+        
+        if arr_try['num_tries']<login_tries:
+        
+            logintries.query('update logintries2 set num_tries=num_tries+1, last_login=%s WHERE ip=%s', [date_now, ip])
+            
+        else:
+            
+            you_cannot_login=1
+            
+    else:
+        
+        logintries.query('insert into logintries2 (`ip`, `num_tries`, `last_login`) VALUES (%s, %s, %s)', [ip, 1, date_now])
+
+    return you_cannot_login