Skip to content

AMM-118: Add time-based account lockout with auto-unlock #75

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
varundeepsaini wants to merge 1 commit into
base: main
Choose a base branch
from
Open

AMM-118: Add time-based account lockout with auto-unlock #75

varundeepsaini wants to merge 1 commit into from

Conversation

@varundeepsaini
Copy link

@varundeepsaini varundeepsaini commented Jan 7, 2026
edited
Loading

Fixes PSMRI/AMRIT#118

📋 Description

Adds database migration to support time-based account lockout feature. Creates lock_timestamp column in m_user table to track when accounts were locked due to failed login attempts.

✅ Type of Change

  • New feature (non-breaking change which adds functionality)

ℹ️ Additional Information

Changes:

  • Added lock_timestamp TIMESTAMP column (nullable, default NULL)

Summary by CodeRabbit

  • Database
    • Added database support for tracking account lockout timestamps, enabling enhanced account security mechanisms.

✏️ Tip: You can customize this high-level summary in your review settings.

@coderabbitai
Copy link

coderabbitai bot commented Jan 7, 2026
edited
Loading

📝 Walkthrough

Walkthrough

A database migration script adds a new lock_timestamp column to the m_user table. The column is defined as a nullable TIMESTAMP field with a default value of NULL, enabling storage of account lockout timestamps.

Changes

Cohort / File(s) Summary
Database Migration
src/main/resources/db/migration/dbiemr/V35__AMM118_Account_Lockout_Timestamp.sql		 Adds lock_timestamp TIMESTAMP column to m_user table with DEFAULT NULL for account lockout tracking

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related issues

Poem

🐰 A timestamp now tickles the user's door,
Locking accounts like never before!
With migration applied, the schema takes shape,
Account lockout logic finds its escape. ✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The pull request title accurately reflects the main change: adding database support for time-based account lockout with auto-unlock via a new lock_timestamp column migration.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 7, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

coderabbitai[bot]
coderabbitai bot reviewed Jan 7, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (1)
src/main/resources/db/migration/dbiemr/V35__AMM118_Account_Lockout_Timestamp.sql (1)

1-2: Consider adding an index on lock_timestamp for query performance.

The migration adds the column correctly with proper idempotency (IF NOT EXISTS). However, if the application needs to query for locked or expired accounts (e.g., SELECT FROM m_user WHERE lock_timestamp < NOW()), the lack of an index could cause full table scans and performance degradation on larger datasets.

📋 Proposed enhancement to add an index 
 ALTER TABLE m_user
 ADD COLUMN IF NOT EXISTS lock_timestamp TIMESTAMP NULL DEFAULT NULL;
+
+CREATE INDEX IF NOT EXISTS idx_m_user_lock_timestamp 
+ON m_user(lock_timestamp);

Only add the index if the application actually queries by lock_timestamp.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c2bb4f5 and 8d73de2.

📒 Files selected for processing (1)
  • src/main/resources/db/migration/dbiemr/V35__AMM118_Account_Lockout_Timestamp.sql
🔇 Additional comments (1)
src/main/resources/db/migration/dbiemr/V35__AMM118_Account_Lockout_Timestamp.sql (1)

1-2: Verify that auto-unlock logic is implemented in application code.

The PR description mentions an "auto-unlock" feature, but this migration only adds the storage column. Ensure that the corresponding application code (job scheduler, service layer, or middleware) implements the logic to automatically unlock accounts when the lockout period expires.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[C4GT Community]: Account Lockout After Multiple Failed Login Attempts – Auto Unlock Required After 24 Hours

1 participant

@varundeepsaini