/**
* authenticate() - defined by Zend_Auth_Adapter_Interface. This method is called to
* attempt an authentication. Previous to this call, this adapter would have already
* been configured with all necessary information to successfully connect to a database
* table and attempt to find a record matching the provided identity.
*
* @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
* @return Zend_Auth_Result
*/
public function authenticate()
{
$result = parent::authenticate();
$select = $this->_zendDb->select();
$select->from($this->_tableName);
$select->where($this->_zendDb->quoteIdentifier($this->_identityColumn, true) . ' = ?', $this->_identity);
$user = $this->_zendDb->fetchRow($select, array(), Zend_Db::FETCH_OBJ);
if ($result->isValid()) {
// Check if user role is active
$sql = 'SELECT enabled FROM s_core_auth_roles WHERE id = ?';
if ($this->_zendDb->fetchOne($sql, array($user->roleID)) == false) {
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $this->_identity, array());
}
Enlight_Components_Session::regenerateId();
// close and restart session to make sure the db session handler writes updates.
session_write_close();
session_start();
$this->setSessionId(Enlight_Components_Session::getId());
$this->updateExpiry();
$this->updateSessionId();
//reset failed login count
$this->setFailedLogins(0);
} else {
// If more then 4 previous failed logins lock account for n * failedlogins seconds
if ($user->failedlogins >= 4) {
$lockedUntil = new Zend_Date();
$lockedUntil->addSecond($this->lockSeconds * $user->failedlogins);
$this->setLockedUntil($lockedUntil);
}
// Increase number of failed logins
$this->setFailedLogins($user->failedlogins + 1);
if (isset($lockedUntil)) {
return new Zend_Auth_Result(-4, $this->_identity, array('lockedUntil' => $lockedUntil));
}
}
return $result;
}
