public function getFailedAction() { if ($this->request->isPost()) { if ($this->request->isAjax()) { if ($this->token->check('token')) { $records = UsersFailedAttempts::find()->toArray(); $data = array('data' => $records); return $this->sendAjax($data); } } } }
/** * {@inheritDoc} * @see \Thunderhawk\API\Component\Auth\AuthInterface::userThrottling() */ public function userThrottling($user_id) { $ip_address = ip2long($this->request->getClientAddress()); $failed = new UsersFailedAttempts(); $failed->users_id = $user_id; $failed->ip_address = $ip_address; $failed->save(); $attempts = UsersFailedAttempts::count(array('ip_address = ?0 AND attempted >= ?1', 'bind' => array($ip_address, date("Y-m-d H:i:s", time() - TIME_ONE_HOUR)))); // prevent brute force switch ($attempts) { case 1: case 2: // no delay break; case 3: case 4: sleep(2); break; default: sleep(4); break; } }