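/**
 * authenticate() - defined by Zend_Auth_Adapter_Interface.
 *
 * Runs the parent adapter's authentication and then applies the account
 * bookkeeping implemented in this class:
 *  - on success, the login is rejected when the user's role is not enabled in
 *    s_core_auth_roles; otherwise updateExpiry() and updateSessionId() are called;
 *  - on failure, the failed-login counter is increased and, once the stored
 *    counter has reached 4, the account is locked for
 *    lockSeconds * failedlogins seconds.
 *
 * Before this call the adapter must already be configured with everything needed
 * to connect to the database table and look up the record matching the identity.
 *
 * Security notes for callers:
 *  - The locked result (FAILURE_UNCATEGORIZED with a 'lockedUntil' message) is only
 *    returned for an identity that has a row in the table, so showing it verbatim
 *    to an unauthenticated client tells that client the account exists.
 *  - A disabled role is reported as FAILURE_IDENTITY_NOT_FOUND, i.e. it is not
 *    distinguishable from an unknown identity by result code.
 *
 * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $result = parent::authenticate();

    // Load the account row for the supplied identity. The column name is quoted as
    // an identifier and the identity goes through the '?' placeholder instead of
    // being concatenated into the SQL text.
    $select = $this->_zendDb->select();
    $select->from($this->_tableName);
    $select->where(
        $this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?',
        $this->_identity
    );
    $user = $this->_zendDb->fetchRow($select, array(), Zend_Db::FETCH_OBJ);

    // An unknown identity yields no row object; every property read below is
    // guarded so that case no longer dereferences a non-object.
    $hasUser = is_object($user);

    if ($result->isValid()) {
        // Check if user role is active. A missing row is treated like a disabled
        // role, which is what the unguarded lookup with an empty role id produced.
        $sql = 'SELECT enabled FROM s_core_auth_roles WHERE id = ?';
        if (!$hasUser || $this->_zendDb->fetchOne($sql, array($user->roleID)) == false) {
            return new Zend_Auth_Result(
                Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND,
                $this->_identity,
                array()
            );
        }

        $this->updateExpiry();
        $this->updateSessionId();

        return $result;
    }

    // Failed attempt. An unknown identity counts as zero previous failures, so the
    // same calls are made for it as for a known identity below the lock threshold.
    $failedLogins = $hasUser ? (int) $user->failedlogins : 0;

    // With 4 or more previous failed logins, lock the account for
    // lockSeconds * failedlogins seconds (the lock grows with every further failure).
    // NOTE(review): this method only records the lock through setLockedUntil();
    // where the lock is enforced is not visible here - presumably in the parent
    // adapter's query - confirm.
    $lockedUntil = null;
    if ($failedLogins >= 4) {
        $lockedUntil = new Zend_Date();
        $lockedUntil->addSecond($this->lockSeconds * $failedLogins);
        $this->setLockedUntil($lockedUntil);
    }

    // Increase number of failed logins.
    // NOTE(review): the counter was read by the SELECT above and is written back as
    // an absolute value, so concurrent failed attempts may be counted only once;
    // confirm whether setFailedLogins() could use an atomic increment instead.
    $this->setFailedLogins($failedLogins + 1);

    if ($lockedUntil !== null) {
        // FAILURE_UNCATEGORIZED is -4, the code callers already receive for a lock.
        return new Zend_Auth_Result(
            Zend_Auth_Result::FAILURE_UNCATEGORIZED,
            $this->_identity,
            array('lockedUntil' => $lockedUntil)
        );
    }

    return $result;
}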