public function checkCaptchaAfterUnSuccessfulLoginFromIp(Captcha $captcha, Counter $counter) { $counter->increaseFailedLoginIpCounter(); // If we have a failed login from an ip we must increase the ip, // the range and the country counter till the captcha is not active. if ($counter->getFailedLoginIpCounter() <= Counter::CAPTCHA_STATUS_SWITCH_FAILED_LOGIN_IP_ATTEMPTS) { $counter->increaseFailedLoginIpRangeCounter(); $counter->increaseFailedLoginIpCountryCounter(); } // - from the same ip we have 3 failed login or // - from the same ip range we have 500 failed login or // - from the same country we have 1000 failed login if ($counter->getFailedLoginIpCounter() >= Counter::CAPTCHA_STATUS_SWITCH_FAILED_LOGIN_IP_ATTEMPTS || $counter->getFailedLoginIpRangeCounter() >= Counter::CAPTCHA_STATUS_SWITCH_FAILED_LOGIN_IP_RANGE_ATTEMPTS || $counter->getFailedLoginIpCountryCounter() >= Counter::CAPTCHA_STATUS_SWITCH_FAILED_LOGIN_IP_COUNTRY_ATTEMPTS) { $captcha->setCaptchaStatus(true); } return $captcha->getCaptchaStatus(); }