/**
* Calls throttleIdentity of the loginThrottler and returns false
* if the throttleCount is grater then the 'throttle_limit' config.
* Also sleeps a little in order to avoid dicionary attacks.
*
* @param mixed $identity.
*
* @return boolean False if the identity has reached the 'throttle_limit'.
*/
protected function loginThrottling($identity)
{
$count = $this->loginThrottler->throttleIdentity($identity);
if ($count >= $this->app['config']->get('confide::throttle_limit')) {
return false;
}
// Throttling delay!
// See: http://www.codinghorror.com/blog/2009/01/dictionary-attacks-101.html
if ($count > 2) {
usleep(($count - 1) * 400000);
}
return true;
}
/**
* Calls throttleIdentity of the loginThrottler and returns false
* if the throttleCount is grater then the 'throttle_limit' config.
* Also sleeps a little in order to avoid dictionary attacks.
*
* @param mixed $identity.
*
* @return boolean False if the identity has reached the 'throttle_limit'.
*/
protected function loginThrottling($identity)
{
$count = $this->loginThrottler->throttleIdentity($identity);
$throttle_limit = $this->app->make('config')->get('confide.throttle_limit');
// Make it easy to notice that retrieving throttle_limit didn't work
assert(isset($throttle_limit), 'Throttle limit could not be retrieved from config');
if ($count >= $throttle_limit) {
return false;
}
// Throttling delay!
// See: http://www.codinghorror.com/blog/2009/01/dictionary-attacks-101.html
if ($count > 2) {
usleep(($count - 1) * 400000);
}
return true;
}
