Resets the login counter by clearing all IP records
from the failed login attempt database after a sucessful login.
| public static ClearLoginAttemptsForIp ( ) : void | ||
| return | void | |
/**
* This is called when an interactive authentication attempt succeeds. This
* is called by authentication listeners inheriting from AbstractAuthenticationListener.
* @param Request $request
* @param TokenInterface $token
* @return Response The response to return
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
$user = $token->getUser();
// This should actually be handle by the AuthenticationFailedHandler
if (!$user->isAdmin()) {
// can't go into admin
$request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, new AuthenticationException('User is not an admin.'));
return $this->httpUtils->createRedirectResponse($request, 'admin_login');
}
\LoginAttempts::DeleteOldLoginAttempts();
\LoginAttempts::ClearLoginAttemptsForIp();
$zendAuth = \Zend_Auth::getInstance();
$this->authAdapter->setUsername($user->getUsername())->setPassword($request->request->get('_password'))->setAdmin(true);
$zendAuth->authenticate($this->authAdapter);
$OAuthtoken = $this->userService->loginUser($user, 'oauth_authorize');
$session = $request->getSession();
$session->set('_security_oauth_authorize', serialize($OAuthtoken));
$frontendToken = $this->userService->loginUser($user, 'frontend_area');
$session = $request->getSession();
$session->set('_security_frontend_area', serialize($frontendToken));
\Article::UnlockByUser($user->getId());
$request->setLocale($request->request->get('login_language'));
$this->setNoCacheCookie($request);
$user->setLastLogin(new \DateTime());
$this->em->flush();
if ($request->get('ajax') === 'true') {
// close popup with login.
return new Response("<script type=\"text/javascript\">window.parent.g_security_token = '" . \SecurityToken::GetToken() . "';window.parent.\$(window.parent.document.body).data('loginDialog').dialog('close');window.parent.setSecurityToken(window.parent.g_security_token);</script>");
}
return parent::onAuthenticationSuccess($request, $token);
}
function camp_successful_login($user, $f_login_language)
{
global $ADMIN, $LiveUser, $LiveUserAdmin, $request, $requestId;
$user->initLoginKey();
$data = array('KeyId' => $user->getKeyId());
if (is_object($LiveUser->_perm)) {
$permUserId = $LiveUser->_perm->getProperty('perm_user_id');
$LiveUserAdmin->updateUser($data, $permUserId);
$LiveUser->updateProperty(true, true);
LoginAttempts::ClearLoginAttemptsForIp();
setcookie("LoginUserId", $user->getUserId());
setcookie("LoginUserKey", $user->getKeyId());
setcookie("TOL_Language", $f_login_language);
Article::UnlockByUser($user->getUserId());
// Try to restore request.
if (!empty($request)) { // restore request
camp_session_set("request_$requestId", $request);
$request = unserialize($request);
camp_html_goto_page($request['uri'], TRUE, array(
'request' => $requestId,
));
}
// Go to admin index if no request is set.
camp_html_goto_page("/$ADMIN/index.php");
}
}
$adapter->setUsername($f_user_name)->setPassword($t_password)->setAdmin(TRUE);
$result = $auth->authenticate($adapter);
if ($result->getCode() != Zend_Auth_Result::SUCCESS) {
LoginAttempts::RecordLoginAttempt();
return 'userpass';
}
}
$validateCaptcha = LoginAttempts::MaxLoginAttemptsExceeded();
//
// Valid login section
//
if ($auth->hasIdentity()) {
if (!$validateCaptcha || PhpCaptcha::Validate($f_captcha_code, true)) {
// if user valid, password valid, encrypted, no CAPTCHA -> login
// if user valid, password valid, encrypted, CAPTCHA valid -> login
LoginAttempts::ClearLoginAttemptsForIp();
Article::UnlockByUser($auth->getIdentity());
// next action GET/POST detection
if (!empty($_POST['_next']) && $_POST['_next'] == 'get') {
$_SERVER['REQUEST_METHOD'] = 'GET';
$method = 'redirect';
}
// fix zend csrf protection
foreach ($_POST as $key => $value) {
if (strpos($key, 'csrf') === FALSE) {
continue;
}
$form = new Zend_Form();
$form->addElement('hash', $key);
$element = $form->getElement($key);
$session = $element->getSession();
