Re: login attempts limit and auth
On Sun, Sep 27, 2009 at 8:49 AM, rrd wrote: > > The interesting thing is the manual says login function will not be > used if auth autoredirect is not false. > http://book.cakephp.org/view/248/AuthComponent-Variables#autoRedirect-395 > > But it seems with default autoredirect the login function works. It should be autoRedirect. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: login attempts limit and auth
The interesting thing is the manual says login function will not be used if auth autoredirect is not false. http://book.cakephp.org/view/248/AuthComponent-Variables#autoRedirect-395 But it seems with default autoredirect the login function works. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
login attempts limit and auth
Hari, I use auth component to do the login. I want to limit login attempts like for 3 attempts. Where should I put my code? UserController login ()? beforeFilter? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: login attempts limit and auth
I would put it into login() function. After each unsuccessful login attempt, I would increment a variable, like $login_attempts, save it into user session table and maybe log last unsuccessful login attempt, too. Just my quick thought. On 26. Sep., 14:45 h., "rrd...@gmail.com" wrote: > Hari, > > I use auth component to do the login. I want to limit login attempts > like for 3 attempts. Where should I put my code? UserController login > ()? beforeFilter? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: login attempts limit and auth
On Sat, Sep 26, 2009 at 9:47 AM, midas wrote: > > I would put it into login() function. After each unsuccessful login > attempt, I would increment a variable, like $login_attempts, save it > into user session table and maybe log last unsuccessful login attempt, > too. Just my quick thought. This seems to work: public function login() { if (!empty($this->data)) { if (!$this->Auth->user()) { $login = $this->data['Member']['email']; //$attempts = intval($this->Session->read($login)); //$attempts = intval($this->Session->read('Member.'.$login)); $attempts = intval($_SESSION[$login]); //$this->Session->write($login, ++$attempts); //$this->Session->write('Member.'.$login, ++$attempts); $_SESSION[$login] = ++$attempts; if ($attempts == $this->max_login_attempts) { $this->Session->flash(...); $this->redirect(...); } } else { // logged in } } } You can see that I had to use $_SESSION. It seems there's no way to use Cake's SessionComponent, perhaps because Auth is removing it. I haven't checked. You'll get a warning on the 1st iteration due to this line because the key doesn't yet exist. intval($_SESSION[$login]) --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---