
some little fixes with ddos_protection & reCAPTCHA

- fixed the timestamp `where` condition in `reset_login_attempts()`, `get_login_attempts()` & `update_login_attempts()`
 - fixed `login()`: removed the cookie/session userdata for reCAPTCHA (if reCAPTCHA needed)
 - fixed `login()`: moved `update_login_attempts()` before the email/name & password test
 - fixed `generate_recaptcha_field()`: removed the cookie/session check
develop
REJack 9 years ago
parent
commit
5701a7a6fc
  1. 49
      application/libraries/Aauth.php

49
application/libraries/Aauth.php

@ -141,8 +141,11 @@ class Aauth {
); );
$this->CI->input->set_cookie($cookie); $this->CI->input->set_cookie($cookie);
} }
if ($this->config_vars['ddos_protection'] && ! $this->update_login_attempts()) {
$this->error($this->CI->lang->line('aauth_error_login_attempts_exceeded'));
return FALSE;
}
if( $this->config_vars['login_with_name'] == TRUE){ if( $this->config_vars['login_with_name'] == TRUE){
if( !$identifier OR strlen($pass) < $this->config_vars['min'] OR strlen($pass) > $this->config_vars['max'] ) if( !$identifier OR strlen($pass) < $this->config_vars['min'] OR strlen($pass) > $this->config_vars['max'] )
@ -159,24 +162,6 @@ class Aauth {
} }
$db_identifier = 'email'; $db_identifier = 'email';
} }
if ($this->config_vars['ddos_protection'] && ! $this->update_login_attempts()) {
$this->error($this->CI->lang->line('aauth_error_login_attempts_exceeded'));
return FALSE;
}
if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->get_login_attempts() >= $this->config_vars['recaptcha_login_attempts']){
if($this->config_vars['use_cookies'] == TRUE){
$reCAPTCHA_cookie = array(
'name' => 'reCAPTCHA',
'value' => 'true',
'expire' => 7200,
'path' => '/',
);
$this->CI->input->set_cookie($reCAPTCHA_cookie);
}else{
$this->CI->session->set_tempdata('reCAPTCHA', 'true', 7200);
}
}
// if user is not verified // if user is not verified
$query = null; $query = null;
@ -201,7 +186,7 @@ class Aauth {
$user_id = $query->row()->id; $user_id = $query->row()->id;
if($this->config_vars['recaptcha_active']){ if($this->config_vars['recaptcha_active']){
if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){ if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->get_login_attempts() > $this->config_vars['recaptcha_login_attempts']){
$reCaptcha = new ReCaptcha( $this->config_vars['recaptcha_secret']); $reCaptcha = new ReCaptcha( $this->config_vars['recaptcha_secret']);
$resp = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") ); $resp = $reCaptcha->verifyResponse( $this->CI->input->server("REMOTE_ADDR"), $this->CI->input->post("g-recaptcha-response") );
@ -314,20 +299,6 @@ class Aauth {
} }
} }
if($this->config_vars['recaptcha_active']){
if($this->config_vars['use_cookies'] == TRUE){
$reCAPTCHA_cookie = array(
'name' => 'reCAPTCHA',
'value' => 'false',
'expire' => -3600,
'path' => '/',
);
$this->CI->input->set_cookie($reCAPTCHA_cookie);
}else{
$this->CI->session->unset_tempdata('reCAPTCHA');
}
}
// update last login // update last login
$this->update_last_login($row->id); $this->update_last_login($row->id);
$this->update_activity(); $this->update_activity();
@ -526,7 +497,7 @@ class Aauth {
$this->aauth_db->where( $this->aauth_db->where(
array( array(
'ip_address'=>$ip_address, 'ip_address'=>$ip_address,
'timestamp >='=>strtotime("-".$this->config_vars['max_login_attempt_time_period']) 'timestamp >='=>date("Y-m-d H:i:s", strtotime("-".$this->config_vars['max_login_attempt_time_period']))
) )
); );
return $this->aauth_db->delete($this->config_vars['login_attempts']); return $this->aauth_db->delete($this->config_vars['login_attempts']);
@ -637,7 +608,7 @@ class Aauth {
$query = $this->aauth_db->where( $query = $this->aauth_db->where(
array( array(
'ip_address'=>$ip_address, 'ip_address'=>$ip_address,
'timestamp >='=>strtotime("-".$this->config_vars['max_login_attempt_time_period']) 'timestamp >='=>date("Y-m-d H:i:s", strtotime("-".$this->config_vars['max_login_attempt_time_period']))
) )
); );
$query = $this->aauth_db->get( $this->config_vars['login_attempts'] ); $query = $this->aauth_db->get( $this->config_vars['login_attempts'] );
@ -675,7 +646,7 @@ class Aauth {
$query = $this->aauth_db->where( $query = $this->aauth_db->where(
array( array(
'ip_address'=>$ip_address, 'ip_address'=>$ip_address,
'timestamp >='=>strtotime("-".$this->config_vars['max_login_attempt_time_period']) 'timestamp >='=>date("Y-m-d H:i:s", strtotime("-".$this->config_vars['max_login_attempt_time_period']))
) )
); );
$query = $this->aauth_db->get( $this->config_vars['login_attempts'] ); $query = $this->aauth_db->get( $this->config_vars['login_attempts'] );
@ -2488,13 +2459,11 @@ class Aauth {
public function generate_recaptcha_field(){ public function generate_recaptcha_field(){
$content = ''; $content = '';
if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active']){ if($this->config_vars['ddos_protection'] && $this->config_vars['recaptcha_active'] && $this->get_login_attempts() >= $this->config_vars['recaptcha_login_attempts']){
if( ($this->config_vars['use_cookies'] == TRUE && $this->CI->input->cookie('reCAPTCHA', TRUE) == 'true') || ($this->config_vars['use_cookies'] == FALSE && $this->CI->session->tempdata('reCAPTCHA') == 'true') ){
$content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>"; $content .= "<script type='text/javascript' src='https://www.google.com/recaptcha/api.js'></script>";
$siteKey = $this->config_vars['recaptcha_siteKey']; $siteKey = $this->config_vars['recaptcha_siteKey'];
$content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>"; $content .= "<div class='g-recaptcha' data-sitekey='{$siteKey}'></div>";
} }
}
return $content; return $content;
} }
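Review bot: The reCAPTCHA threshold is compared two different ways in the new code: `login()` verifies the response only when `get_login_attempts() > recaptcha_login_attempts`, while `generate_recaptcha_field()` renders the widget at `>=`. That is consistent only if `update_login_attempts()`, now called at the top of `login()`, has already counted the current request before the check runs; its body is outside the visible hunks, so this is inferred. If it has not, a request made exactly at the threshold is shown the widget but its response is never verified, leaving one unchallenged attempt per window. I would add a comment above the check in `login()`, e.g. `// '>' not '>=': update_login_attempts() above already counted this request, matching the '>=' used when the form was rendered`, or move both comparisons into one private helper so they cannot drift apart. Both functions start and end outside the hunks shown.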
