Checks whether the number of failed login attempts exceeds the
allowed number of failed login attempts saved in the System Preferences.
public static MaxLoginAttemptsExceeded() : boolean
Returns: boolean
/**
 * Hands the login request to the parent authentication listener.
 *
 * SECURITY NOTE: CAPTCHA validation is currently disabled in this method.
 * The only statement that could reject a request sits behind `if (false)`,
 * so it never runs, and every request reaches the parent implementation
 * regardless of what \LoginAttempts::MaxLoginAttemptsExceeded() returns.
 * Nothing in this method slows down or blocks repeated login attempts.
 * The TODO below also lists the failed-logins counter in
 * AuthenticationFailedHandler as something that still has to be re-enabled.
 *
 * TODO: Add Recaptcha, but first:
 *  * add recaptcha config to newscoop preferences not in recaptcha plugin config
 *  * remove old recaptcha libraries
 *  * reenable failed logins counter here Newscoop\NewscoopBundle\Security\Http\Authentication\AuthenticationFailedHandler
 *  * clean code
 *
 * {@inheritdoc}
 */
protected function attemptAuthentication(Request $request)
{
    // NOTE(review): has() is called with two arguments. Assuming this is
    // Symfony's ParameterBag::has($key), the second argument is evaluated and
    // then ignored, so only the POST body is checked for 'captcha_code' and
    // the query-string lookup has no effect. Confirm the intended condition
    // before re-enabling the check.
    $captchaSubmitted = $request->request->has('captcha_code', $request->query->has('captcha_code'));

    if ($captchaSubmitted && \LoginAttempts::MaxLoginAttemptsExceeded()) {
        // Placeholder for the real CAPTCHA verification; deliberately dead.
        // NOTE(review): $translator is not defined anywhere in this method,
        // so it must be obtained before this branch can be switched on.
        if (false) {
            $message = $translator->trans("CAPTCHA code is not valid. Please try again.", array(), 'home');

            throw new AuthenticationException($message);
        }
    }

    return parent::attemptAuthentication($request);
}
/**
 * Renders the login form.
 *
 * Reads the last authentication error from the request attributes, falling
 * back to the session, loads the available languages, and passes both to the
 * login template together with the last submitted username and the
 * "max login attempts exceeded" flag.
 *
 * The flag is computed after \LoginAttempts::DeleteOldLoginAttempts() has
 * run, so it is evaluated against whatever attempts remain after that call.
 * It is only passed to the template here; this action does not itself reject
 * or delay anything.
 *
 * NOTE(review): 'last_username' and 'error' presumably originate from the
 * previous login submission; verify that the template escapes them on output.
 *
 * @param Request $request the current request
 *
 * @return mixed the result of $this->render() for the login template
 */
public function loginAction(Request $request)
{
    $em = $this->container->get('em');

    // Prefer the error attached to this request; otherwise use the one kept in the session.
    $error = $request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)
        ? $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR)
        : $request->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);

    $languages = $em->getRepository('Newscoop\\Entity\\Language')->getLanguages();

    // Must run before MaxLoginAttemptsExceeded() is evaluated below.
    \LoginAttempts::DeleteOldLoginAttempts();

    $viewData = array(
        'last_username' => $request->getSession()->get(SecurityContext::LAST_USERNAME),
        'error' => $error,
        'languages' => $languages,
        'defaultLanguage' => $this->getDefaultLanguage($request, $languages),
        'maxLoginAttemptsExceeded' => \LoginAttempts::MaxLoginAttemptsExceeded(),
    );

    return $this->render('NewscoopNewscoopBundle:Security:login.html.twig', $viewData);
}
// Invalid logins // // CAPTCHA invalid -> captcha // If user not valid -> userpass // password invalid, encrypted -> upgrade // password invalid, not encrypted -> userpass if (!$auth->hasIdentity()) { $adapter = $controller->_helper->service('auth.adapter'); $adapter->setUsername($f_user_name)->setPassword($t_password)->setAdmin(TRUE); $result = $auth->authenticate($adapter); if ($result->getCode() != Zend_Auth_Result::SUCCESS) { LoginAttempts::RecordLoginAttempt(); return 'userpass'; } } $validateCaptcha = LoginAttempts::MaxLoginAttemptsExceeded(); // // Valid login section // if ($auth->hasIdentity()) { if (!$validateCaptcha || PhpCaptcha::Validate($f_captcha_code, true)) { // if user valid, password valid, encrypted, no CAPTCHA -> login // if user valid, password valid, encrypted, CAPTCHA valid -> login LoginAttempts::ClearLoginAttemptsForIp(); Article::UnlockByUser($auth->getIdentity()); // next action GET/POST detection if (!empty($_POST['_next']) && $_POST['_next'] == 'get') { $_SERVER['REQUEST_METHOD'] = 'GET'; $method = 'redirect'; } // fix zend csrf protection
$languageName = htmlspecialchars($languageName); print "<option value=\"$languageCode\""; if ($languageCode == $defaultLanguage) { print " selected "; } print ">$languageName</option>"; } unset($languageCode); unset($languageAttrs); unset($languageName); ?> </select> </td> </tr> <!-- CAPTCHA--> <?php if (LoginAttempts::MaxLoginAttemptsExceeded()) { ?> <tr> <td colspan="2" align="center"> <img src="<?php echo $Campsite['WEBSITE_URL']; ?>/include/captcha/image.php" /> </td> </tr> <tr> <td colspan="2" align="center"> <?php putGS('Type the code shown above:'); ?> <input name="f_captcha_code" size="5" class="input_text" alt="blank" emsg="<?php putGS("Please enter the code shown in the image."); ?>" /> </td> </tr> <?php } ?> <!-- CAPTCHA--> <tr class="buttonBlock2"> <td>