public function index() { $username = Input::instance()->post("user"); $password = Input::instance()->post("password"); if (empty($username) || auth::too_many_failures($username)) { throw new Rest_Exception("Forbidden", 403); } $user = identity::lookup_user_by_name($username); if (empty($user) || !identity::is_correct_password($user, $password)) { module::event("user_login_failed", $username); throw new Rest_Exception("Forbidden", 403); } auth::login($user); rest::reply(rest::access_key()); }
static function validate_too_many_failed_auth_attempts($form_input) { if (auth::too_many_failures(identity::active_user()->name)) { $form_input->add_error("too_many_failed_auth_attempts", 1); } }