Account locked after failed login attempts

Hi Devs,

Can I please check how long the timeout is if the setting is enabled to temporarily lock the account after failed login attempts?

We thought it was 15 mins, but after more than 1 hr the account is still locked and we need to assist a user.

Regards

Elmarie

This message and any attachments are subject to a disclaimer published at http://www.hisp.org/policies.html#comms_disclaimer. Please read the disclaimer before opening any attachment or taking any other action in terms of this electronic transmission. If you cannot access the disclaimer, kindly send an email to disclaimer@hisp.org and a copy will be provided to you. By replying to this e-mail or opening any attachment you agree to be bound by the provisions of the disclaimer.

Hi Elmarie,

The lock out duration is 15 mins. I have just tested and it is working properly.

Could you please provide more details of your case (steps to reproduce)?

Below are screenshots of my test case.

Time when account is locked: 3:21

Time logged in successfully: 3:27


On Thu, Jul 20, 2017 at 12:29 PM, Elmarie Claasen elmarie@hisp.org wrote:

Hi Devs,

Can I please check how long the timeout is if the setting is enabled to temporarily lock the account after failed login attempts?

We thought it was 15 mins, but after more than 1 hr the account is still locked and we need to assist a user.

Regards

Elmarie


Viet Nguyen

Software Developer, DHIS 2

University of Oslo

http://www.dhis2.org


Hi Devs,

I am using dhis2 version 2.40.3. I have the same problem. I tried to go into the database and updated the disabled field of the account to false without any success. It is the only admin account I have in my instance, as it is a new system I am working on. The instance I have configured has the userinfo table instead of users for user account information. I have also tried giving my instance some time to see whether the account would be unlocked, without any success. Any support will be highly appreciated as I don't want to start a fresh install. Thank you in advance.

Hi @MiltonIsaya

It’s not clear what exactly the issue is. Did you forget the admin password and then get locked out? It’s a temporary lock so it should be back already. How much time did you give it, and what error are you seeing?

Could you try to reset the admin password by following the steps in this post? As you mentioned, though, the table is userinfo and not users: Changing admin password to default - #9 by alanivey

Please note that the steps above might not work if you have the two-factor authentication turned on as @David mentioned.

Thanks!

The problem started when I was developing an app for my dhis2 instance using React. After generating the app and running yarn start, the application started to run and I specified the url, username and password for my current dhis2 application. It appeared that the app was sending too many requests which were apparently unauthorized, and dhis2 blocked the account. It is an instance that is still new and I am working on performing some initial setup such as organisation units, indicators, data elements, etc., therefore I only have two users configured right now. Only one user has the administrator’s permissions to access the maintenance app. The other user doesn’t have that access. So, after looking for resources online, I came across a solution that required me to update the field disabled and set it to false in the database. I have done so, but I still get the same error after login. My current dhis2 version does not have a users table; it rather contains a userinfo table, so I thought this could also be a new update to the platform. This is a snapshot of the list of tables related to users in my installation. I have fetched it from the public schema.

I have successfully managed to reset the password manually by updating it in the user info table but I still get the same error. I have also tried to wait for more than 24 hours for it to be unlocked without success. Here is a screenshot of the error I get.

Here is also a screenshot of the schema of the userinfo table. Users does not seem to exist in my system.

Am I missing something? @Gassim

hey @MiltonIsaya

Are you running your app on localhost, and is your server on localhost or a remote server?

I faced an issue with localhost, and then I simply added localhost:300 to the CORS list. But it failed with a remote server and I couldn’t log in, despite including localhost:300 in the CORS list and following the recommendations in How to debug common development errors | DHIS2 Developer Portal

Hi @Ulanbek! I am running the app on a remote server. I whitelisted the CORS, so I don't face any CORS errors.

Hi Devs! So after struggling for quite some time, this is what I did. I had one account that could manage to log in to the system. I connected to the database and ran queries to determine its id. In this case I ran the following query:

select * from userinfo where username = 'admin';

From the query, I managed to get the id of the admin user. I repeated the same query, but this time passing the username of the account that could log in. From the query results, I managed to get the id of the user. By the way, the id is stored in the userinfoid column.

I thereafter ran the query select * from userrole where roleid = 'the role id obtained from the second query, i.e. the query with the username of the user who can log in as an argument'

I thereafter inserted a new row in the userrolemembers table to assign an admin role to the user who didn’t have full access with the query below

INSERT INTO public.userrolemembers(
userroleid, userid)
VALUES (id of the admin role, id of the user who could login);

After doing so, I logged in using the previously less privileged account; this time it had the admin roles. From there I had admin roles and I thereafter fixed the user accounts using the user management app of dhis2.

Hi @MiltonIsaya

Interesting journey you have had working on this. I bet it feels like a great learning experience, and thank you so much for sharing it here so other community members could benefit.

How about this issue? Were you able to figure out how not to get the user blocked again?

Thanks!
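
One way to keep a development app from locking the account it logs in with, the situation described earlier in this thread, is to stop sending requests after the first 401. This is an added example, not code from the thread or from DHIS2; `AuthGuard`, `guardedFetch`, the fake server, the `/api/me` path and the limit of 5 failed attempts are assumptions made for the illustration.

```javascript
// Client-side guard: once the server rejects the credentials, stop sending
// them, so a dev app cannot burn through the failed-login limit on its own.
class AuthGuard {
  constructor(maxRejections = 1) {
    this.maxRejections = maxRejections; // 401 responses tolerated before latching
    this.rejections = 0;
  }
  get tripped() { return this.rejections >= this.maxRejections; }
  record(status) {
    if (status === 401) this.rejections += 1;
    else if (status >= 200 && status < 300) this.rejections = 0;
  }
  reset() { this.rejections = 0; } // call only after credentials are re-entered
}

// Wrap any fetch-compatible function. Once tripped, no request leaves the client.
function guardedFetch(fetchImpl, guard) {
  return async (url, options) => {
    if (guard.tripped) {
      throw new Error("credentials rejected; not retrying until they are re-entered");
    }
    const res = await fetchImpl(url, options);
    guard.record(res.status);
    return res;
  };
}

// Constructed stand-in for a server that locks an account after `limit` bad logins.
function fakeServer(limit) {
  const state = { failed: 0, locked: false };
  const fetchImpl = async () => {
    state.failed += 1; // every request in this simulation carries a bad password
    if (state.failed >= limit) state.locked = true;
    return { status: 401 };
  };
  return { state, fetchImpl };
}

// Send `n` requests one after another and report how many reached the server.
async function simulate(n, useGuard, limit = 5) {
  const { state, fetchImpl } = fakeServer(limit);
  const send = useGuard ? guardedFetch(fetchImpl, new AuthGuard()) : fetchImpl;
  for (let i = 0; i < n; i++) {
    try { await send("/api/me", {}); } catch (_) { /* guard refused to send */ }
  }
  return { sent: state.failed, locked: state.locked };
}
```

The guard latches only after the first response arrives, so requests already in flight in parallel still count against the limit; issue one authenticated probe request before letting components fetch concurrently.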