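/**
 * After a failed authentication, records the failure for the account and
 * reports whether the account is currently locked out.
 *
 * The counter is per account (one PcFailedLogins row per user). A row older
 * than the configured lockout duration is discarded, which lifts the lockout.
 *
 * Security notes for callers:
 *  - An e-mail address that matches no account returns false, so no lockout
 *    state exists for unknown addresses. The login response should be the
 *    same for known and unknown addresses, otherwise the lockout message
 *    itself reveals which accounts exist.
 *  - The counter is read and then written back (not an atomic increment), so
 *    parallel failed logins can be under-counted. Per-source throttling
 *    should not rely on this method alone.
 *
 * @param string $email - the email address of the user who
 *        tried to login and failed
 * @return bool true when the number of recorded attempts has reached
 *         app_bruteForceLockout_loginAttemptThreshold within
 *         app_bruteForceLockout_lockoutDuration seconds, false otherwise
 */
public static function checkAgainstBruteForceAttack($email)
{
    $c = new Criteria();
    $c->add(PcUserPeer::EMAIL, $email, Criteria::EQUAL);
    $userToCheck = PcUserPeer::doSelectOne($c);

    // A failed login for an address with no account used to dereference a
    // missing user object below and abort the request. There is no account
    // to lock, so report "not locked out".
    if (!$userToCheck) {
        return false;
    }

    $c = new Criteria();
    $c->addJoin(PcUserPeer::ID, PcFailedLoginsPeer::USER_ID);
    $c->add(PcUserPeer::ID, $userToCheck->getId(), Criteria::EQUAL);
    $row = PcFailedLoginsPeer::doSelectOne($c);

    if (!$row) {
        // first recorded failure: insert a new row for the user
        $failedLogins = new PcFailedLogins();
        $failedLogins->setUser($userToCheck);
        $failedLogins->setTimes(1);
        $failedLogins->save();

        return false;
    }

    $maxAttempts = sfConfig::get('app_bruteForceLockout_loginAttemptThreshold');
    $currentAttempts = $row->getTimes();
    $timeout = sfConfig::get('app_bruteForceLockout_lockoutDuration');
    $secondsElapsedFromLastAttempt = time() - strtotime($row->getUpdatedAt());

    if ($secondsElapsedFromLastAttempt > $timeout) {
        // reset the 'failed logins' situation for the user
        // NOTE(review): the failure that triggered this call is not counted
        // after the reset, so each expired window allows one extra attempt.
        $row->delete();

        return false;
    }

    if ($currentAttempts >= $maxAttempts) {
        // Threshold reached inside the lockout window: the row is left
        // untouched, so the window is measured from the last counted failure.
        return true;
    }

    $row->setTimes($currentAttempts + 1);
    $row->save();

    return false;
}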
/**
 * Attaches the given PcFailedLogins object to this user as its one-to-one
 * related record.
 *
 * @param PcFailedLogins $v the failed-logins record to relate to this user
 * @return PcUser The current object (for fluent API support)
 * @throws PropelException
 */
public function setPcFailedLogins(PcFailedLogins $v)
{
    $this->singlePcFailedLogins = $v;

    // Set the back-reference only when the record has no user yet; a record
    // that already reports a user is left as it is.
    $hasOwner = (null !== $v->getPcUser());
    if (!$hasOwner) {
        $v->setPcUser($this);
    }

    return $this;
}
/**
 * Stores an object in the peer's instance pool.
 *
 * Propel caches objects it has loaded from the database in this pool. When a
 * stub class overrides doSelect*(), objects may have to be added here by hand
 * so that doSelect*() and retrieveByPK*() keep returning the same instances.
 *
 * Nothing is stored when instance pooling is disabled.
 *
 * @param PcFailedLogins $obj A PcFailedLogins object.
 * @param string $key (optional) key to use for instance map (saves
 *        recomputing it when the caller already has it). Defaults to the
 *        object's user id cast to string.
 */
public static function addInstanceToPool(PcFailedLogins $obj, $key = null)
{
    if (!Propel::isInstancePoolingEnabled()) {
        return;
    }

    // Fall back to the user id as pool key when the caller supplied none.
    $poolKey = ($key === null) ? (string) $obj->getUserId() : $key;

    self::$instances[$poolKey] = $obj;
}