-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

diff -crB a/user.py b/user.py
*** a/user.py	2016-03-08 13:56:41.921761645 +0000
- --- b/user.py	2016-03-08 13:57:05.931762976 +0000
***************
*** 464,476 ****
          Return user id if password matches
          '''
          LoginAttempt = Pool().get('res.user.login.attempt')
- -         time.sleep(2 ** LoginAttempt.count(login) - 1)
          user_id, password_hash = cls._get_login(login)
          if user_id:
              if cls.check_password(password, password_hash):
- -                 LoginAttempt.remove(login)
                  return user_id
!         LoginAttempt.add(login)
          return 0
  
      @staticmethod
- --- 464,477 ----
          Return user id if password matches
          '''
          LoginAttempt = Pool().get('res.user.login.attempt')
          user_id, password_hash = cls._get_login(login)
          if user_id:
              if cls.check_password(password, password_hash):
                  return user_id
!                 
!         #Timeout for invalid login attempts
!         #TODO : use failed_login_timeout from configuration param.
!         time.sleep(3)
          return 0
  
      @staticmethod
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAlbtg10ACgkQ6toB4+RLgBFYsACcCIF+wfMI4uKIA1SPfY8Cf2dW
CeEAoLet30WaF8HMEnlltpBEP2QZwO8g
=zDb2
-----END PGP SIGNATURE-----