Skip to content
This repository was archived by the owner on Jun 19, 2026. It is now read-only.

feat(auth): implement login anomaly detection & security alerts#152

Open
Pranjal6955 wants to merge 6 commits into
rohitdash08:mainfrom
Pranjal6955:feat/login-anomaly-detection
Open

feat(auth): implement login anomaly detection & security alerts#152
Pranjal6955 wants to merge 6 commits into
rohitdash08:mainfrom
Pranjal6955:feat/login-anomaly-detection

Conversation

@Pranjal6955

Copy link
Copy Markdown

Summary

  • What changed:
    • Added new PostgreSQL tables login_history and security_alerts along with mapping models LoginHistory and SecurityAlert in SQLAlchemy.
    • Implemented brute-force login detection using Redis rate limiting (blocking after 5 failed attempts in 15 minutes).
    • Implemented NEW_DEVICE_LOGIN verification by checking the real client X-Forwarded-For IP address against prior successful authentications.
    • Built out new private endpoints GET /auth/alerts and PATCH /auth/alerts/{alertId}/read to fetch and acknowledge generated warnings.
    • Integrated a new dynamic frontend UI inside the React Account.tsx page to display unresolved alerts prominently.
    • Updated backend tests in test_auth.py and openapi.yaml to ensure code coverage and OpenAPI standardizations.
  • Why:
    • To secure user accounts from programmatic brute force stuffing attempts and proactively notify the end-user if their credentials were used on an unrecognized proxy/device, elevating the overall production readiness of FinMind's auth system.

Validation

  • Frontend lint: cd app && npm run lint
  • Frontend tests: cd app && npm test -- --runInBand
  • Backend tests: ./scripts/test-backend.ps1
  • Updated docs if needed (Swagger OpenAPI definitions & README.md have been fully updated with endpoints & caching policies)

Security and Ownership

  • PR opened from a fork (not direct push to main)
  • CODEOWNERS review requested

Checklist

  • No secrets added
  • No unrelated files changed
  • Breaking changes documented

fixes #124
/claim #124

@Pranjal6955

Copy link
Copy Markdown
Author

@rohitdash08 can u please review this PR

@rohitdash08

Copy link
Copy Markdown
Owner

@Pranjal6955 , are you still working on this ? could you please connect over discord to discuss this further @geekster007

@Pranjal6955

Copy link
Copy Markdown
Author

@rohitdash08 sure

@rohitdash08

Copy link
Copy Markdown
Owner

@Pranjal6955 checks are failing please fix that also!

@Pranjal6955

Copy link
Copy Markdown
Author

Okay

…alerts and improving new device login alert scenarios with explicit IP simulation.
@rohitdash08

Copy link
Copy Markdown
Owner

@Pranjal6955 , I have told you the observation and things which we are expecting here for this feature over discord, also please fix the failing workflow
Thank you!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Login anomaly detection & suspicious activity alerts

2 participants