/** * Authentication failure. * * @param T_Auth authentication * @return T_Auth_Observer fluent interface */ function fail(T_Auth $auth) { $user = $auth->getUser(); if (!$user) { return $this; } // only action if user available $db = $this->db->master(); $db->begin(); $row = $this->getExistingRow($user); if (false === $row) { // insert row $sql = 'INSERT INTO person_hammer_lock (person,fail_count) ' . 'VALUES (?,1)'; $db->query($sql, array($user->getId())); } elseif (strlen($row['expiry'])) { // account already locked, throw error $db->commit(); throw $this->getError($row['expiry']); } elseif ($this->threshold - $row['fail_count'] <= 1) { // lock account, reached or gone over threshold $expiry = time() + $this->duration; $sql = "UPDATE person_hammer_lock SET expiry=? WHERE person=?"; $db->query($sql, array($expiry, $user->getId())); $db->commit(); throw $this->getError($expiry); } else { // existing row, under threshold so simply update. $sql = 'UPDATE person_hammer_lock SET fail_count=fail_count+1 ' . 'WHERE person=?'; $db->query($sql, array($user->getId())); } $db->commit(); $this->gc(); return $this; }
/** * Whether roles are found. * * @param T_Auth $auth * @return bool */ function isSatisfiedBy($auth) { $role = $auth->getRole(); foreach ($this->roles as $name) { if (!$role->is($name)) { return false; } } return true; }
/** * Whether level is matched. * * @param T_Auth $auth * @return bool */ function isSatisfiedBy($auth) { return (bool) ($this->level & $auth->getLevel()); /* bit-wise operator is used here so the constructor argument can be more than 1 level e.g. T_Auth::HUMAN|T_Auth::OBFUSCATED */ }
function testSetRoleMethodHasAFluentInterface() { $role = new T_Role_Collection(array()); $auth = new T_Auth(T_Auth::TOKEN, null, $role); $test = $auth->setRole($role); $this->assertSame($auth, $test); }
/** * Save an authorisation. * * @param T_Auth $auth * @param int $expiry expiry unix time * @return T_Auth_Driver fluent interface */ function save(T_Auth $auth, $expiry = null) { if ($expiry > time() && ($user = $auth->getUser())) { $this->createToken($user, $expiry); } return $this; }