Example #1
 /**
  * Get the throttling delay (in milliseconds)
  *
  * @param string $username
  * @param string $ip
  * @param string $action
  * @return int
  */
 public function getDelay(string $username, string $ip, string $action = self::ACTION_LOGIN) : int
 {
     // Failures are matched on the account name OR the caller's subnet, so
     // spreading attempts over many addresses still counts against the
     // account, and many accounts tried from one subnet still count
     // against that subnet.
     $subnet = $this->getSubnet($ip);

     // The 'expire' setting (43200 when absent) is handed to getCutoff() to
     // size the look-back window; older failures are ignored.
     $now = new \DateTime();
     $window = $this->getCutoff((int) ($this->config['expire'] ?? 43200));
     $since = $now->sub($window)->format(\AIRSHIP_DATE_FORMAT);

     // Every value is bound as a parameter; nothing is interpolated into the SQL.
     $attempts = (int) $this->db->cell('SELECT
              count(*)
          FROM
              airship_failed_logins
          WHERE
              action = ?
              AND (
                     username = ?
                  OR subnet = ?
              )
              AND occurred > ?
          ', $action, $username, $subnet, $since);

     // No recent failures: no throttling at all.
     if ($attempts === 0) {
         return 0;
     }

     $ceiling = (int) ($this->config['max-delay'] ?? 30);
     $firstDelay = (float) ($this->config['first-delay'] ?? 0.25);

     // 8 * PHP_INT_SIZE - 1 is the count of value bits in a native integer.
     // Beyond that many failures the doubling is skipped and the cap is used.
     $doublingLimit = 8 * PHP_INT_SIZE - 1;
     $seconds = $attempts > $doublingLimit
         ? $ceiling
         : $firstDelay * 2 ** $attempts;

     // The delay doubles with each recorded failure but never exceeds 'max-delay'.
     if ($seconds > $ceiling) {
         $seconds = $ceiling;
     }

     // Seconds -> whole milliseconds, rounded up.
     return (int) \ceil($seconds * 1000);
 }
Example #2
 /**
  * Is this user a super user? Do they belong in a superuser group?
  * 
  * @param int $user_id - User ID
  * @param bool $ignore_groups - Don't look at their groups
  * @return bool
  */
 public function isSuperUser(int $user_id = 0, bool $ignore_groups = false) : bool
 {
     // Guests (no user ID) are never superusers; answer without touching the database.
     if (empty($user_id)) {
         return false;
     }

     // Both statements are resolved up front, even when the group check
     // below ends up being skipped.
     $userQuery = \Airship\queryStringRoot('security.permissions.is_superuser_user', $this->db->getDriver());
     $groupQuery = \Airship\queryStringRoot('security.permissions.is_superuser_group', $this->db->getDriver());

     // The user ID is bound as a query parameter. Any result that is not
     // greater than zero (an empty one included) counts as "not a superuser",
     // so the check denies by default.
     $flaggedDirectly = $this->db->cell($userQuery, $user_id) > 0;
     if ($flaggedDirectly) {
         return true;
     }

     // Caller asked for the user's own flag only: group membership is not consulted.
     if ($ignore_groups) {
         return false;
     }

     return $this->db->cell($groupQuery, $user_id) > 0;
 }