public function index()
{
$username = Input::instance()->post("user");
$password = Input::instance()->post("password");
if (empty($username) || auth::too_many_failures($username)) {
throw new Rest_Exception("Forbidden", 403);
}
$user = identity::lookup_user_by_name($username);
if (empty($user) || !identity::is_correct_password($user, $password)) {
module::event("user_login_failed", $username);
throw new Rest_Exception("Forbidden", 403);
}
auth::login($user);
rest::reply(rest::access_key());
}
static function validate_too_many_failed_auth_attempts($form_input)
{
if (auth::too_many_failures(identity::active_user()->name)) {
$form_input->add_error("too_many_failed_auth_attempts", 1);
}
}
