public function testForAuthentication(array $reqs) { if (!$this->passwordAttemptThrottle) { return \StatusValue::newGood(); } $ip = $this->manager->getRequest()->getIP(); try { $username = AuthenticationRequest::getUsernameFromRequests($reqs); } catch (\UnexpectedValueException $e) { $username = ''; } // Get everything this username could normalize to, and throttle each one individually. // If nothing uses usernames, just throttle by IP. $usernames = $this->manager->normalizeUsername($username); $result = false; foreach ($usernames as $name) { $r = $this->passwordAttemptThrottle->increase($name, $ip, __METHOD__); if ($r && (!$result || $result['wait'] < $r['wait'])) { $result = $r; } } if ($result) { $message = wfMessage('login-throttled')->durationParams($result['wait']); return \StatusValue::newFatal($message); } else { $this->manager->setAuthenticationSessionData('LoginThrottle', ['users' => $usernames, 'ip' => $ip]); return \StatusValue::newGood(); } }
/** * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead */ public static function incrementLoginThrottle($username) { wfDeprecated(__METHOD__, "1.27"); global $wgRequest; $username = User::getCanonicalName($username, 'usable') ?: $username; $throttler = new Throttler(); return $throttler->increase($username, $wgRequest->getIP(), __METHOD__); }
public function testClear() { $cache = new \HashBagOStuff(); $throttler = new Throttler([['count' => 1, 'seconds' => 10]], ['cache' => $cache]); $throttler->setLogger(new NullLogger()); $result = $throttler->increase('SomeUser', '1.2.3.4'); $this->assertFalse($result, 'should not throttle'); $result = $throttler->increase('SomeUser', '1.2.3.4'); $this->assertSame(['throttleIndex' => 0, 'count' => 1, 'wait' => 10], $result); $result = $throttler->increase('OtherUser', '1.2.3.4'); $this->assertFalse($result, 'should not throttle'); $result = $throttler->increase('OtherUser', '1.2.3.4'); $this->assertSame(['throttleIndex' => 0, 'count' => 1, 'wait' => 10], $result); $throttler->clear('SomeUser', '1.2.3.4'); $result = $throttler->increase('SomeUser', '1.2.3.4'); $this->assertFalse($result, 'should not throttle'); $result = $throttler->increase('OtherUser', '1.2.3.4'); $this->assertSame(['throttleIndex' => 0, 'count' => 1, 'wait' => 10], $result); }