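/**
 * authenticate() - defined by Zend_Auth_Adapter_Interface. This method is called to
 * attempt an authentication. Previous to this call, this adapter would have already
 * been configured with all necessary information to successfully connect to a database
 * table and attempt to find a record matching the provided identity.
 *
 * On top of the parent adapter's result this method does the following:
 *  - success: the user's role must be enabled, otherwise FAILURE_IDENTITY_NOT_FOUND is
 *    returned; the session id is regenerated and stored, and the failed-login counter is reset.
 *  - failure: the failed-login counter is increased; once four or more earlier failures are
 *    recorded the account is locked for lockSeconds * failedlogins seconds and a
 *    FAILURE_UNCATEGORIZED (-4) result carrying 'lockedUntil' is returned.
 *
 * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $result = parent::authenticate();

    // Load the stored row for the submitted identity; roleID and failedlogins are read from it below.
    $select = $this->_zendDb->select();
    $select->from($this->_tableName);
    $select->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);
    $user = $this->_zendDb->fetchRow($select, array(), Zend_Db::FETCH_OBJ);

    // No object comes back when the identity matches no row (e.g. an unknown user name).
    // Guard every property access so that case does not dereference a non-object.
    $userFound = is_object($user);

    if ($result->isValid()) {
        // Check if user role is active. A missing user row is rejected the same way as a
        // disabled or unknown role. The loose comparison is intentional: both a stored
        // "0" and "no such role" must count as disabled.
        $sql = 'SELECT enabled FROM s_core_auth_roles WHERE id = ?';
        if (!$userFound || $this->_zendDb->fetchOne($sql, array($user->roleID)) == false) {
            return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $this->_identity, array());
        }

        // Issue a fresh session id now that authentication succeeded, so an id that was
        // known before login is not carried into the authenticated session.
        Enlight_Components_Session::regenerateId();

        // close and restart session to make sure the db session handler writes updates.
        session_write_close();
        session_start();

        $this->setSessionId(Enlight_Components_Session::getId());

        $this->updateExpiry();
        $this->updateSessionId();

        // reset failed login count
        $this->setFailedLogins(0);
    } else {
        // An unknown identity has no stored counter; treat it as zero previous failures.
        $failedLogins = $userFound ? (int) $user->failedlogins : 0;
        $lockedUntil = null;

        // If 4 or more previous failed logins, lock the account for n * failedlogins seconds
        if ($failedLogins >= 4) {
            $lockedUntil = new Zend_Date();
            $lockedUntil->addSecond($this->lockSeconds * $failedLogins);
            $this->setLockedUntil($lockedUntil);
        }

        // Increase number of failed logins.
        // NOTE(review): the counter is read above and written back here, so concurrent failed
        // attempts may store the same value and under-count; confirm whether setFailedLogins()
        // can increment atomically in the database instead.
        $this->setFailedLogins($failedLogins + 1);

        if ($lockedUntil !== null) {
            // FAILURE_UNCATEGORIZED is the named form of the literal -4 used for "account locked".
            return new Zend_Auth_Result(
                Zend_Auth_Result::FAILURE_UNCATEGORIZED,
                $this->_identity,
                array('lockedUntil' => $lockedUntil)
            );
        }
    }

    return $result;
}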