/**
 * useradmin override of the Kohana Auth ORM login: wraps the parent driver
 * with a per-account failed-login counter and a temporary lockout.
 *
 * Lockout state is kept on the user row (failed_login_count,
 * last_failed_login), so it is keyed on the account and not on the source
 * of the attempts.
 *
 * @see Kohana_Auth_ORM::_login()
 *
 * @param   mixed    $user      user model, or the identifier to look one up by
 * @param   string   $password  password handed unchanged to the parent driver
 * @param   boolean  $remember  handed unchanged to the parent driver
 * @return  mixed    FALSE while the account is locked out, otherwise the parent driver's result
 */
protected function _login($user, $password, $remember)
{
    // Resolve an identifier to a model. unique_key() picks the column to
    // match on; an unknown identifier leaves an unloaded model here.
    if (!is_object($user)) {
        $username = $user;
        $user = ORM::factory('user');
        $user->where($user->unique_key($username), '=', $username)->find();
    }

    // Lockout gate: only active when max_failed_logins is configured above 0.
    $max_failures = $this->_config["useradmin"]["max_failed_logins"];
    if ($max_failures > 0 && $user->failed_login_count >= $max_failures) {
        // login_jail_time is appended to "-" and parsed by strtotime(), so it
        // presumably has to carry its own unit (e.g. "5 minutes") - confirm
        // against the module's config file.
        $last_failure = strtotime($user->last_failed_login);
        $jail_cutoff = strtotime("-" . $this->_config["useradmin"]["login_jail_time"]);

        if ($last_failure > $jail_cutoff) {
            // Still inside the jail window: refuse without calling the parent
            // driver, so the password is never checked and neither the
            // counter nor the timestamp is updated by this attempt.
            return FALSE;
        }
    }

    // Delegate the actual credential check to the stock driver.
    $status = parent::_login($user, $password, $remember);

    if (!$status) {
        // NOTE(review): read-increment-save is not atomic, so parallel failed
        // attempts may be counted once. The counter is also not cleared when
        // the jail window lapses; only a successful login resets it.
        $user->failed_login_count = $user->failed_login_count + 1;
        $user->last_failed_login = date("Y-m-d H:i:s");

        // Persist only for a real row; an unloaded model has no usable id.
        if (is_numeric($user->id) && $user->id != 0) {
            $user->save();
        }

        return $status;
    }

    // Successful login clears the failure counter.
    $user->failed_login_count = 0;
    $user->save();

    return $status;
}
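/**
 * Logs a user in, authenticating against RiverID unless the email is on the
 * local exemption list (auth.exempt), in which case the parent driver decides.
 *
 * On a successful RiverID sign-in the matching local user is looked up by
 * email and RiverID user id; if none exists, a local user is created or an
 * existing one with the same email is linked to the RiverID id.
 *
 * @param   string   $email     email address used as the login identifier
 * @param   string   $password  password, sent to RiverID or to the parent driver
 * @param   boolean  $remember  enable autologin (only an exact TRUE issues a token)
 * @return  boolean  TRUE after complete_login() has run, the parent driver's
 *                   result for exempt emails, FALSE otherwise
 */
protected function _login($email, $password, $remember)
{
    $riverid_api = RiverID_API::instance();

    // Fallback to local auth if user is in the exemption list.
    // The comparison is strict because $email is caller-supplied: a loose
    // match against a non-string entry (TRUE, 0) could send unrelated emails
    // down the local path. A missing or non-array setting means "nobody is
    // exempt" instead of an in_array() type error.
    $exempt = Kohana::$config->load('auth.exempt');
    if (is_array($exempt) and in_array($email, $exempt, TRUE)) {
        return parent::_login($email, $password, $remember);
    }

    // NOTE(review): no attempt throttling is visible in this method; confirm
    // that RiverID or a caller rate-limits repeated sign-in attempts.

    // Only emails known to RiverID can proceed; there is no local fallback.
    if (!$riverid_api->is_registered($email)) {
        return FALSE;
    }

    // Sign in to RiverID; a falsy response or falsy 'status' is a failure.
    $login_response = $riverid_api->signin($email, $password);
    if (!$login_response or !$login_response['status']) {
        return FALSE;
    }

    // Get the user object that matches the provided email and RiverID
    $user = ORM::factory('user')
        ->where('email', '=', $email)
        ->where('riverid', '=', $login_response['user_id'])
        ->find();

    // User does not exist locally but authenticates via RiverID
    if (!$user->loaded()) {
        // Check if the email is already registered locally
        $user = ORM::factory('user')->where('email', '=', $email)->find();

        // Only auto register if the site allows it. An existing local user
        // is still linked when public registration is disabled.
        if (!(bool) Model_Setting::get_setting('public_registration_enabled') and !$user->loaded()) {
            return FALSE;
        }

        // NOTE(review): an existing local account is matched on email alone
        // and then has its username and riverid overwritten with the values
        // from this sign-in. That is only safe if RiverID has verified
        // ownership of the email address - confirm, and consider refusing to
        // replace a riverid that is already set to a different value.
        $user->username = $user->email = $email;
        $user->riverid = $login_response['user_id'];
        $user->save();

        // Allow the user be able to login immediately
        $login_role = ORM::factory('role', array('name' => 'login'));
        if (!$user->has('roles', $login_role)) {
            $user->add('roles', $login_role);
        }
    }

    // The local account must hold the 'login' role to complete the login.
    if (!$user->has('roles', ORM::factory('role', array('name' => 'login')))) {
        return FALSE;
    }

    if ($remember === TRUE) {
        // Token data: bound to the user, an expiry and a SHA-1 of the
        // requesting user agent string.
        $data = array(
            'user_id'    => $user->id,
            'expires'    => time() + $this->_config['lifetime'],
            'user_agent' => sha1(Request::$user_agent),
        );

        // Create a new autologin token
        $token = ORM::factory('user_token')->values($data)->create();

        // Set the autologin cookie. No cookie flags are passed here, so
        // Secure/HttpOnly depend on how the Cookie class is configured.
        Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
    }

    // Finish the login
    $this->complete_login($user);

    return TRUE;
}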