|
|
|
@ -350,13 +350,12 @@ class user extends common {
|
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* Compte valide : |
|
|
|
|
* Timeout entre nombre de tentatives autorisées |
|
|
|
|
* Mot de passe |
|
|
|
|
* Groupe |
|
|
|
|
*/ |
|
|
|
|
if( $this->getData(['user',$userId,'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) < time() && |
|
|
|
|
$this->getData(['user',$userId,'connectFail']) < $this->getData(['config', 'connect', 'attempt']) && |
|
|
|
|
password_verify($this->getInput('userLoginPassword', helper::FILTER_STRING_SHORT, true), $this->getData(['user', $userId, 'password'])) |
|
|
|
|
if( $this->getData(['user',$userId,'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) < time() |
|
|
|
|
AND $this->getData(['user',$userId,'connectFail']) < $this->getData(['config', 'connect', 'attempt']) |
|
|
|
|
AND password_verify($this->getInput('userLoginPassword', helper::FILTER_STRING_SHORT, true), $this->getData(['user', $userId, 'password'])) |
|
|
|
|
AND $this->getData(['user', $userId, 'group']) >= self::GROUP_MEMBER |
|
|
|
|
) { |
|
|
|
|
$expire = $this->getInput('userLoginLongTime') ? strtotime("+1 year") : 0; |
|
|
|
@ -378,6 +377,7 @@ class user extends common {
|
|
|
|
|
else { |
|
|
|
|
// RAZ compteur échec connexion |
|
|
|
|
$this->setData(['user',$userId,'connectFail',0 ]); |
|
|
|
|
$this->setData(['user',$userId,'connectTimeout',0 ]); |
|
|
|
|
// Valeurs en sortie |
|
|
|
|
$this->addOutput([ |
|
|
|
|
'notification' => 'Connexion réussie', |
|
|
|
@ -393,10 +393,10 @@ class user extends common {
|
|
|
|
|
) { |
|
|
|
|
$this->setData(['user',$userId,'connectFail',$this->getdata(['user',$userId,'connectFail']) + 1 ]); |
|
|
|
|
// Mettre à jour le timer et notifier |
|
|
|
|
if ( $this->getdata(['user',$userId,'connectFail']) > $this->getData(['config', 'connect', 'attempt']) |
|
|
|
|
if ( $this->getdata(['user',$userId,'connectFail']) >= $this->getData(['config', 'connect', 'attempt']) |
|
|
|
|
) { |
|
|
|
|
$notification = 'Trop de tentatives, accès bloqué durant ' . ($this->getData(['config', 'connect', 'timeout']) / 60) . ' minutes.'; |
|
|
|
|
// Ne pas incrémenter le timer si actif |
|
|
|
|
// Incrémenter le timer |
|
|
|
|
if ($this->getData(['user',$userId,'connectTimeout']) + $this->getData(['config', 'connect', 'timeout']) < time() ) { |
|
|
|
|
$this->setData(['user',$userId,'connectTimeout', time()]); |
|
|
|
|
} |
|
|
|
@ -406,7 +406,7 @@ class user extends common {
|
|
|
|
|
// L'utilisateur n'existe pas |
|
|
|
|
// Bloquer l'IP après les tentatives autorisées avec ce compte, |
|
|
|
|
} elseif ( |
|
|
|
|
$this->getData(['blacklist',$userId,'connectFail']) > $this->getData(['config', 'connect', 'attempt']) |
|
|
|
|
$this->getData(['blacklist',$userId,'connectFail']) >= $this->getData(['config', 'connect', 'attempt']) |
|
|
|
|
) { |
|
|
|
|
$notification = 'Trop de tentatives, compte verrouillé'; |
|
|
|
|
} |
|
|
|
|