Merge branch 'security-59549-add-capcha-for-failed-logins' into 'master'

Require a captcha after unique failed logins from the same IP

See merge request gitlab/gitlabhq!3270

2 files changed, 13 insertions, 0 deletions

diff --git a/db/migrate/20190719122333_add_login_recaptcha_protection_enabled_to_application_settings.rb b/db/migrate/20190719122333_add_login_recaptcha_protection_enabled_to_application_settings.rb
new file mode 100644
index 00000000000..4561e1e8aa9
--- /dev/null
+++ b/db/migrate/20190719122333_add_login_recaptcha_protection_enabled_to_application_settings.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+# See http://doc.gitlab.com/ce/development/migration_style_guide.html
+# for more information on how to write migrations for GitLab.
+
+class AddLoginRecaptchaProtectionEnabledToApplicationSettings < ActiveRecord::Migration[5.1]
+  DOWNTIME = false
+
+  def change
+    add_column :application_settings, :login_recaptcha_protection_enabled, :boolean, default: false, null: false
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index d1cba5e0954..c6ba36565c0 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -272,6 +272,7 @@ ActiveRecord::Schema.define(version: 2019_08_16_151221) do
     t.boolean "lock_memberships_to_ldap", default: false, null: false
     t.boolean "time_tracking_limit_to_hours", default: false, null: false
     t.string "grafana_url", default: "/-/grafana", null: false
+    t.boolean "login_recaptcha_protection_enabled", default: false, null: false
     t.string "outbound_local_requests_whitelist", limit: 255, default: [], null: false, array: true
     t.integer "raw_blob_request_limit", default: 300, null: false
     t.boolean "allow_local_requests_from_web_hooks_and_services", default: false, null: false