public function getFailedAction()
{
if ($this->request->isPost()) {
if ($this->request->isAjax()) {
if ($this->token->check('token')) {
$records = UsersFailedAttempts::find()->toArray();
$data = array('data' => $records);
return $this->sendAjax($data);
}
}
}
}
/**
* {@inheritDoc}
* @see \Thunderhawk\API\Component\Auth\AuthInterface::userThrottling()
*/
public function userThrottling($user_id)
{
$ip_address = ip2long($this->request->getClientAddress());
$failed = new UsersFailedAttempts();
$failed->users_id = $user_id;
$failed->ip_address = $ip_address;
$failed->save();
$attempts = UsersFailedAttempts::count(array('ip_address = ?0 AND attempted >= ?1', 'bind' => array($ip_address, date("Y-m-d H:i:s", time() - TIME_ONE_HOUR))));
// prevent brute force
switch ($attempts) {
case 1:
case 2:
// no delay
break;
case 3:
case 4:
sleep(2);
break;
default:
sleep(4);
break;
}
}
