public function authenticate()
{
// First initialize the result, we can later retieve it to get the exact error code/message
$result = new LSAuthResult(self::ERROR_NONE);
// Check if the ip is locked out
if (FailedLoginAttempt::model()->isLockedOut()) {
$message = sprintf(gT('You have exceeded the number of maximum login attempts. Please wait %d minutes before trying again.'), App()->getConfig('timeOutTime') / 60);
$result->setError(self::ERROR_IP_LOCKED_OUT, $message);
}
// If still ok, continue
if ($result->isValid()) {
if (is_null($this->plugin)) {
$result->setError(self::ERROR_UNKNOWN_HANDLER);
} else {
// Delegate actual authentication to plugin
$authEvent = new PluginEvent('newUserSession', $this);
$authEvent->set('identity', $this);
App()->getPluginManager()->dispatchEvent($authEvent, array($this->plugin));
$pluginResult = $authEvent->get('result');
if ($pluginResult instanceof LSAuthResult) {
//print_r($pluginResult);
$result = $pluginResult;
} else {
//echo 'out result';
$result->setError(self::ERROR_UNKNOWN_IDENTITY);
}
}
}
if ($result->isValid()) {
// Perform postlogin
//exit('you are in post login');
$this->postLogin();
} else {
// Log a failed attempt
//exit('you login failed');
$userHostAddress = App()->request->getUserHostAddress();
FailedLoginAttempt::model()->addAttempt($userHostAddress);
App()->session->regenerateID();
// Handled on login by Yii
}
$this->errorCode = $result->getCode();
$this->errorMessage = $result->getMessage();
return $result->isValid();
}
/**
* Check if a user can log in
* @return bool|array
*/
private function _userCanLogin()
{
$failed_login_attempts = FailedLoginAttempt::model();
$failed_login_attempts->cleanOutOldAttempts();
if ($failed_login_attempts->isLockedOut()) {
return $this->_getAuthenticationFailedErrorMessage();
} else {
return true;
}
}
