public function authenticate() { // First initialize the result, we can later retieve it to get the exact error code/message $result = new LSAuthResult(self::ERROR_NONE); // Check if the ip is locked out if (FailedLoginAttempt::model()->isLockedOut()) { $message = sprintf(gT('You have exceeded the number of maximum login attempts. Please wait %d minutes before trying again.'), App()->getConfig('timeOutTime') / 60); $result->setError(self::ERROR_IP_LOCKED_OUT, $message); } // If still ok, continue if ($result->isValid()) { if (is_null($this->plugin)) { $result->setError(self::ERROR_UNKNOWN_HANDLER); } else { // Delegate actual authentication to plugin $authEvent = new PluginEvent('newUserSession', $this); $authEvent->set('identity', $this); App()->getPluginManager()->dispatchEvent($authEvent, array($this->plugin)); $pluginResult = $authEvent->get('result'); if ($pluginResult instanceof LSAuthResult) { //print_r($pluginResult); $result = $pluginResult; } else { //echo 'out result'; $result->setError(self::ERROR_UNKNOWN_IDENTITY); } } } if ($result->isValid()) { // Perform postlogin //exit('you are in post login'); $this->postLogin(); } else { // Log a failed attempt //exit('you login failed'); $userHostAddress = App()->request->getUserHostAddress(); FailedLoginAttempt::model()->addAttempt($userHostAddress); App()->session->regenerateID(); // Handled on login by Yii } $this->errorCode = $result->getCode(); $this->errorMessage = $result->getMessage(); return $result->isValid(); }
/** * Check if a user can log in * @return bool|array */ private function _userCanLogin() { $failed_login_attempts = FailedLoginAttempt::model(); $failed_login_attempts->cleanOutOldAttempts(); if ($failed_login_attempts->isLockedOut()) { return $this->_getAuthenticationFailedErrorMessage(); } else { return true; } }