/**
 * Exercises the login-attempt counter accessors on UserLoginData:
 * getLoginAttempts(), incLoginAttempts() and setLoginAttempts().
 *
 * The counter is expected to read null before any increment, to grow by
 * exactly one per incLoginAttempts() call, and to be overwritten by
 * setLoginAttempts().
 *
 * NOTE(review): the burst size and the final value come from unseeded rand(),
 * and neither is echoed in an assertion message, so a failing run cannot be
 * replayed with the same inputs.
 */
public function testGetSetIncLoginAttempts()
{
    $subject = $this->UserLoginData;

    // Nothing has been counted yet.
    $this->assertNull($subject->getLoginAttempts());

    // The first two increments are verified one step at a time.
    foreach (array(1, 2) as $expectedCount) {
        $subject->incLoginAttempts();
        $this->assertEquals($expectedCount, $subject->getLoginAttempts());
    }

    // A random burst of further increments must add up exactly.
    $incTimes = rand(5, 30);
    $remaining = $incTimes;
    while ($remaining > 0) {
        $subject->incLoginAttempts();
        $remaining--;
    }
    $this->assertEquals(2 + $incTimes, $subject->getLoginAttempts());

    // An explicit set replaces whatever the counter held before.
    $rand = rand(0, 200);
    $subject->setLoginAttempts($rand);
    $this->assertEquals($rand, $subject->getLoginAttempts());
}
/**
 * Asserts that $this->loginData mirrors the credential and lockout-policy
 * fields of $this->adminKuser.
 *
 * Every comparison uses assertEquals() with a failure message made of the
 * field label followed by $this->getParams().
 *
 * NOTE(review): salt, sha1_password, password_hash_key and previous_passwords
 * are among the compared values. A failing assertEquals() reports both sides,
 * so these values can end up in test or CI output; keep the fixtures
 * throwaway. The getSha1Password()/getSalt() names suggest salted SHA-1
 * storage; confirm against UserLoginData.
 */
private function assertLoginData()
{
    // array(getter on adminKuser, getter on loginData, failure-message prefix)
    $fieldPairs = array(
        // check copied values
        array('getEmail', 'getLoginEmail', 'login_email for '),
        array('getPartnerId', 'getConfigPartnerId', 'config_partner_id for '),
        array('getSalt', 'getSalt', 'salt for '),
        array('getSha1Password', 'getSha1Password', 'sha1_password for '),
        array('getLoginAttempts', 'getLoginAttempts', 'login_attempts for '),
        array('getLoginBlockPeriod', 'getLoginBlockPeriod', 'login_block_period for '),
        array('getMaxLoginAttempts', 'getMaxLoginAttempts', 'max_login_attempts for '),
        array('getNumPrevPassToKeep', 'getNumPrevPassToKeep', 'num_prev_pass_to_keep for '),
        array('getPassReplaceFreq', 'getPassReplaceFreq', 'pass_replace_freq for '),
        array('getPasswordHashKey', 'getPasswordHashKey', 'password_hash_key for '),
        array('getPasswordUpdatedAt', 'getPasswordUpdatedAt', 'password_updated_at for '),
        array('getPreviousPasswords', 'getPreviousPasswords', 'previous_passwords for '),
        array('getLoginBlockedUntil', 'getLoginBlockedUntil', 'login_blocked_until for '),
        array('getFullName', 'getFullName', 'full_name for '),
        // check new values
        array('getPartnerId', 'getLastLoginPartnerId', 'last_login_partner_id for '),
    );

    foreach ($fieldPairs as $pair) {
        list($kuserGetter, $loginDataGetter, $messagePrefix) = $pair;

        $this->assertEquals(
            $this->adminKuser->{$kuserGetter}(),
            $this->loginData->{$loginDataGetter}(),
            $messagePrefix . $this->getParams()
        );
    }
}
/**
 * Authenticates against a login-data record and resolves the kuser to log in as.
 *
 * Order of checks, as implemented below:
 *  1. No login data                      -> LOGIN_DATA_NOT_FOUND.
 *  2. Password rejected (only when $validatePassword is true):
 *       - still inside a block window    -> LOGIN_BLOCKED, attempt not counted;
 *       - this failure reaches the limit -> block window set, counter reset to 0,
 *                                           LOGIN_RETRIES_EXCEEDED;
 *       - otherwise                      -> counter incremented, WRONG_PASSWORD.
 *  3. Inside a block window              -> LOGIN_BLOCKED, even if the password was accepted.
 *  4. Counter reset to 0 and saved.
 *  5. Password older than getPassReplaceFreq() -> PASSWORD_EXPIRED.
 *  6. Partner is the requested one, else the last-login partner; none -> INVALID_PARTNER.
 *  7. If the kuser or partner is missing or not active: an explicitly requested
 *     partner fails with USER_IS_BLOCKED or USER_NOT_FOUND; otherwise the result of
 *     self::findFirstValidKuser() is used, or the same two errors if it returns nothing.
 *  8. Last-login partner (admins only, unless the partner id is listed in the
 *     'no_save_of_last_login_partner_for_partner_ids' config) and last-login time
 *     are stored.
 *
 * Security notes:
 *  - While an account is blocked, a wrong and an accepted password both give
 *    LOGIN_BLOCKED, so the code does not reveal password validity during lockout.
 *  - PASSWORD_EXPIRED and the partner/user errors are reachable only after the
 *    password check passed or was skipped.
 *  - $validatePassword = false skips step 2 entirely; the block window (step 3)
 *    is still enforced.
 *  - NOTE(review): the failure counter is updated by read/increment then save();
 *    whether concurrent failed logins are serialised depends on
 *    UserLoginData::save(), which is not visible here. Confirm.
 *  - NOTE(review): LOGIN_DATA_NOT_FOUND and WRONG_PASSWORD are distinct codes; if
 *    callers pass them to clients unchanged, existing accounts become
 *    distinguishable. Confirm how callers map them.
 *
 * @param UserLoginData|null $loginData        record to authenticate against
 * @param mixed              $password         candidate handed to UserLoginData::isPasswordValid()
 * @param mixed              $partnerId        partner requested by the caller, or null for the last-login partner
 * @param bool               $validatePassword false skips the password check
 * @return object the resolved kuser, after its last login time has been saved
 * @throws kUserException with one of the codes listed above
 */
private static function userLogin(UserLoginData $loginData = null, $password, $partnerId = null, $validatePassword = true)
{
    // Remember whether the caller pinned a partner; $partnerId may be replaced below.
    $explicitPartnerId = $partnerId;

    if (!$loginData) {
        throw new kUserException('', kUserException::LOGIN_DATA_NOT_FOUND);
    }

    // check if password is valid
    $passwordRejected = $validatePassword && !$loginData->isPasswordValid($password);
    if ($passwordRejected) {
        // A blocked account answers LOGIN_BLOCKED before any counting happens.
        if (time() < $loginData->getLoginBlockedUntil(null)) {
            throw new kUserException('', kUserException::LOGIN_BLOCKED);
        }

        $attemptsIncludingThisOne = $loginData->getLoginAttempts() + 1;
        if ($attemptsIncludingThisOne >= $loginData->getMaxLoginAttempts()) {
            // Limit reached: open the block window and start counting afresh.
            $loginData->setLoginBlockedUntil(time() + $loginData->getLoginBlockPeriod());
            $loginData->setLoginAttempts(0);
            $loginData->save();
            throw new kUserException('', kUserException::LOGIN_RETRIES_EXCEEDED);
        }

        $loginData->incLoginAttempts();
        $loginData->save();
        throw new kUserException('', kUserException::WRONG_PASSWORD);
    }

    // The block window also applies when the password was accepted or not checked.
    if (time() < $loginData->getLoginBlockedUntil(null)) {
        throw new kUserException('', kUserException::LOGIN_BLOCKED);
    }

    // Successful authentication clears the failure counter.
    $loginData->setLoginAttempts(0);
    $loginData->save();

    $passwordSetAt = $loginData->getPasswordUpdatedAt(null);
    if ($passwordSetAt && time() > $passwordSetAt + $loginData->getPassReplaceFreq()) {
        throw new kUserException('', kUserException::PASSWORD_EXPIRED);
    }

    // Fall back to the partner of the previous login when none was requested.
    $partnerId = $partnerId ?: $loginData->getLastLoginPartnerId();
    if (!$partnerId) {
        throw new kUserException('', kUserException::INVALID_PARTNER);
    }

    $partner = PartnerPeer::retrieveByPK($partnerId);
    $kuser = kuserPeer::getByLoginDataAndPartner($loginData->getId(), $partnerId);

    $loginUsable = $kuser
        && $kuser->getStatus() == KuserStatus::ACTIVE
        && $partner
        && $partner->getStatus() == Partner::PARTNER_STATUS_ACTIVE;

    if (!$loginUsable) {
        // if a specific partner was requested - throw error
        if ($explicitPartnerId) {
            $partnerInactive = $partner && $partner->getStatus() != Partner::PARTNER_STATUS_ACTIVE;
            if ($partnerInactive || ($kuser && $kuser->getStatus() == KuserStatus::BLOCKED)) {
                throw new kUserException('', kUserException::USER_IS_BLOCKED);
            }
            throw new kUserException('', kUserException::USER_NOT_FOUND);
        }

        // if kuser was found, keep status for following exception message
        $previousStatus = null;
        if ($kuser) {
            $previousStatus = $kuser->getStatus();
        }

        // if no specific partner was requested, but last logged in partner is not available,
        // login to first found partner
        $kuser = self::findFirstValidKuser($loginData->getId(), $partnerId);
        if (!$kuser) {
            $failureCode = ($previousStatus === KuserStatus::BLOCKED)
                ? kUserException::USER_IS_BLOCKED
                : kUserException::USER_NOT_FOUND;
            throw new kUserException('', $failureCode);
        }
    }

    // Only admin logins update the remembered partner, and not for partner ids on the config list.
    // NOTE(review): in_array() is used without its strict flag, so ids are compared loosely.
    if ($kuser->getIsAdmin()) {
        if (!in_array($kuser->getPartnerId(), kConf::get('no_save_of_last_login_partner_for_partner_ids'))) {
            $loginData->setLastLoginPartnerId($kuser->getPartnerId());
        }
    }
    $loginData->save();

    $kuser->setLastLoginTime(time());
    $kuser->save();

    return $kuser;
}