Re: login attempts limit and auth
On Sun, Sep 27, 2009 at 8:49 AM, rrd wrote: > > The interesting thing is the manual says login function will not be > used if auth autoredirect is not false. > http://book.cakephp.org/view/248/AuthComponent-Variables#autoRedirect-395 > > But it seems with default autoredirect the login function works. It should be autoRedirect. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: login attempts limit and auth
The interesting thing is the manual says login function will not be used if auth autoredirect is not false. http://book.cakephp.org/view/248/AuthComponent-Variables#autoRedirect-395 But it seems with default autoredirect the login function works. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
login attempts limit and auth
Hari, I use auth component to do the login. I want to limit login attempts like for 3 attempts. Where should I put my code? UserController login ()? beforeFilter? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: login attempts limit and auth
I would put it into login() function. After each unsuccessful login attempt, I would increment a variable, like $login_attempts, save it into user session table and maybe log last unsuccessful login attempt, too. Just my quick thought. On 26. Sep., 14:45 h., "rrd...@gmail.com" wrote: > Hari, > > I use auth component to do the login. I want to limit login attempts > like for 3 attempts. Where should I put my code? UserController login > ()? beforeFilter? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: login attempts limit and auth
On Sat, Sep 26, 2009 at 9:47 AM, midas wrote:
>
> I would put it into login() function. After each unsuccessful login
> attempt, I would increment a variable, like $login_attempts, save it
> into user session table and maybe log last unsuccessful login attempt,
> too. Just my quick thought.
This seems to work:
public function login()
{
if (!empty($this->data))
{
if (!$this->Auth->user())
{
$login = $this->data['Member']['email'];
//$attempts = intval($this->Session->read($login));
//$attempts =
intval($this->Session->read('Member.'.$login));
$attempts = intval($_SESSION[$login]);
//$this->Session->write($login, ++$attempts);
//$this->Session->write('Member.'.$login, ++$attempts);
$_SESSION[$login] = ++$attempts;
if ($attempts == $this->max_login_attempts)
{
$this->Session->flash(...);
$this->redirect(...);
}
}
else
{
// logged in
}
}
}
You can see that I had to use $_SESSION. It seems there's no way to
use Cake's SessionComponent, perhaps because Auth is removing it. I
haven't checked.
You'll get a warning on the 1st iteration due to this line because the
key doesn't yet exist.
intval($_SESSION[$login])
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to
cake-php+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~--~~~~--~~--~--~---
