c8bb45b41c
As per previous commit the user can cancel an ongoing authentication via Escape key and that will always send the user back to the clock view in lockscreen or user-selection view in login prompt. However, we can be a little more permissive and don't switch view to be able to restart the authentication without further action. To avoid this to be abused though, we consider the user verification cancellation via escape key to be a "soft-failure", so once the configured "allowed-failures" gsettings value has been reached, we'd just act as before, ignoring any further request (until we don't get back to the user auth view). In this way we still make brute-force attacks harder to do, while still giving the well-behaving user some ability to fix mistakes. Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/1622> |
||
|---|---|---|
| .. | ||
| authPrompt.js | ||
| batch.js | ||
| credentialManager.js | ||
| loginDialog.js | ||
| oVirt.js | ||
| realmd.js | ||
| util.js | ||
| vmware.js | ||