Ejemplo n.º 1
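 /**
  * Logs the user in, after checking the brute force lockout for the account.
  *
  * The lockout check only reads the failed-login counter; nothing in this
  * method increments it. When the account is locked out the method returns
  * before the user record or the session is touched.
  *
  * @param myUser $userSf - the session user that gets marked as authenticated
  * @param PcUser $userApp - the user trying to login
  * @param boolean $rememberme - whether the user wanted to remember the login
  * @param boolean $remembermeCookieAlreadySet - when true the remember-me
  *    cookie is left as it is, even if $rememberme is true
  * @return boolean - false if the account is blocked because of a brute
  *         force attack detection, true once the session is authenticated
  */
 public static function login(myUser $userSf, PcUser $userApp, $rememberme = false, $remembermeCookieAlreadySet = false)
 {
     // Check whether the account must be blocked because of a
     // brute force attack detection
     $c = new Criteria();
     $c->addJoin(PcUserPeer::ID, PcFailedLoginsPeer::USER_ID, Criteria::INNER_JOIN);
     $c->add(PcUserPeer::ID, $userApp->getId(), Criteria::EQUAL);
     $row = PcFailedLoginsPeer::doSelectOne($c);
     if ($row) {
         // NOTE(review): both settings are read without a default; an unset value
         // turns the comparisons below into loose null comparisons. Confirm that
         // the threshold and the duration are always defined in the app config.
         $maxAttempts = sfConfig::get('app_bruteForceLockout_loginAttemptThreshold');
         $currentAttempts = $row->getTimes();
         $timeout = sfConfig::get('app_bruteForceLockout_lockoutDuration');
         $secondsElapsedFromLastAttempt = time() - strtotime($row->getUpdatedAt());
         if ($secondsElapsedFromLastAttempt > $timeout) {
             // lockout window expired: reset the 'failed logins' situation for the user
             $row->delete();
         } elseif ($currentAttempts >= $maxAttempts) {
             // still inside the window and over the threshold: refuse the login
             PcWatchdog::alert('Brute force attack attempt', 'For the userid ' . $row->getUserId());
             return false;
         }
     }
     $userApp->setLanguage(PcUtils::getVisitorAcceptLanguage());
     $userApp->setIpAddress(PcUtils::getVisitorIPAddress());
     $userApp->save();
     // NOTE(review): nothing here rotates the session id; confirm the framework
     // does so when the authentication state changes.
     $userSf->setAuthenticated(true);
     // login() can run on a session that is already authenticated (see the
     // remember-me branch below). The calls that follow only ever add
     // credentials, so roles granted by the earlier login would survive a role
     // change or a login as another account. Start from an empty set.
     // clearCredentials() belongs to symfony 1's sfSecurityUser interface;
     // confirm myUser implements it.
     $userSf->clearCredentials();
     $userSf->setAttribute('userid', $userApp->getId());
     if ($userApp->isAdmin()) {
         $userSf->addCredential('admin');
     }
     if ($userApp->isStaffMember()) {
         $userSf->addCredential('staffMember');
     }
     if ($userApp->isContractor()) {
         $userSf->addCredential('contractor');
     }
     if ($userApp->isEditor()) {
         $userSf->addCredential('editor');
     }
     if ($userApp->isTranslator()) {
         $userSf->addCredential('translator');
     }
     if (!$rememberme) {
         // the user may login a second time (while still logged in because of forum integration problems), without
         // ticking the rememberme checkbox
         self::resetRememberMeCookie();
     } elseif (!$remembermeCookieAlreadySet) {
         self::setRememberMeCookie($userSf, $userApp);
     }
     // if $rememberme and $remembermeCookieAlreadySet
     // are both true we don't need to do anything
     sfContext::getInstance()->getEventDispatcher()->notify(new sfEvent('CustomAuthLogin', 'custom_auth.login', array('user' => $userApp, 'rememberme' => $rememberme)));
     return true;
 }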