/**
* Logins the user (performing the brute force attack check)
*
* @param myUser $userSf
* @param PcUser $userApp - the user trying to login
* @param boolean $rememberme - whether the user wanted to remember the login
* @param boolean $remembermeCookieAlreadySet - in this case, if even
* $rememberme is true, the cookie is not set because it is already available
* @return boolean - false if the account is blocked because of a brute
* force attack detection
*/
public static function login(myUser $userSf, PcUser $userApp, $rememberme = false, $remembermeCookieAlreadySet = false)
{
// Check whether the account must be block because of a
// brute force attack detection
$c = new Criteria();
$c->addJoin(PcUserPeer::ID, PcFailedLoginsPeer::USER_ID, Criteria::INNER_JOIN);
$c->add(PcUserPeer::ID, $userApp->getId(), Criteria::EQUAL);
$row = PcFailedLoginsPeer::doSelectOne($c);
if ($row) {
$maxAttempts = sfConfig::get('app_bruteForceLockout_loginAttemptThreshold');
$currentAttempts = $row->getTimes();
$timeout = sfConfig::get('app_bruteForceLockout_lockoutDuration');
$secondsElapsedFromLastAttempt = time() - strtotime($row->getUpdatedAt());
if ($secondsElapsedFromLastAttempt > $timeout) {
// reset the 'failed logins' situation for the user
$row->delete();
} else {
if ($currentAttempts >= $maxAttempts) {
PcWatchdog::alert('Brute force attack attempt', 'For the userid ' . $row->getUserId());
return false;
}
}
}
$userApp->setLanguage(PcUtils::getVisitorAcceptLanguage());
$userApp->setIpAddress(PcUtils::getVisitorIPAddress());
$userApp->save();
$userSf->setAuthenticated(true);
$userSf->setAttribute('userid', $userApp->getId());
if ($userApp->isAdmin()) {
$userSf->addCredential('admin');
}
if ($userApp->isStaffMember()) {
$userSf->addCredential('staffMember');
}
if ($userApp->isContractor()) {
$userSf->addCredential('contractor');
}
if ($userApp->isEditor()) {
$userSf->addCredential('editor');
}
if ($userApp->isTranslator()) {
$userSf->addCredential('translator');
}
if ($rememberme && !$remembermeCookieAlreadySet) {
self::setRememberMeCookie($userSf, $userApp);
} else {
if (!$rememberme) {
// the user may login a second time (while still logged in because of forum integration problems), without
// ticking the rememberme checkbox
self::resetRememberMeCookie();
} else {
// if $rememberme and $remembermeCookieAlreadySet
// are both true we don't need to do anything
}
}
sfContext::getInstance()->getEventDispatcher()->notify(new sfEvent('CustomAuthLogin', 'custom_auth.login', array('user' => $userApp, 'rememberme' => $rememberme)));
return true;
}
