
ddos protection changed

develop
Emre Akay 11 years ago
parent
commit
ecbadd961d
  1. 8
      application/config/aauth.php
  2. 96
      application/libraries/Aauth.php

8
application/config/aauth.php

@ -51,9 +51,13 @@ $config['aauth'] = array(
// non alphanumeric characters that are allowed in a name // non alphanumeric characters that are allowed in a name
'valid_chars' => array(' ', '\''), 'valid_chars' => array(' ', '\''),
// ddos protection,
//if it is true, the user will be banned temporary when he exceed the login 'try'
'ddos_protection' => true,
// login attempts time interval // login attempts time interval
// default 10 times in one minute // default 20 times in one hour
'try' => 10, 'max_login_attempt' => 20,
// to register email verifitaion need? true / false // to register email verifitaion need? true / false
'verification' => false, 'verification' => false,
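Review bot: The comment on the new `ddos_protection` key still refers to the login `'try'` setting, which this same commit replaces with `'max_login_attempt'`, so the documentation is stale on arrival. Suggest `// if true, the user is temporarily blocked after exceeding 'max_login_attempt' login attempts`. The `// default 20 times in one hour` comment would also be clearer if it said whether the window is the current clock hour or a rolling hour; the Aauth.php change in this commit appears to bucket by clock hour, but confirm before wording it that way.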

96
application/libraries/Aauth.php

@ -123,6 +123,19 @@ class Aauth {
return false; return false;
} }
$query = null;
$query = $this->CI->db->where('email', $email);
$query = $this->CI->db->get($this->config_vars['users']);
$row = $query->row();
// only email found and login attempts exceeded
if ($query->num_rows() > 0 and ! $this->update_login_attempts($row->email)) {
$this->error($this->config_vars['wrong']);
return false;
}
// if user is not verified // if user is not verified
$query = null; $query = null;
$query = $this->CI->db->where('email', $email); $query = $this->CI->db->where('email', $email);
@ -135,7 +148,7 @@ class Aauth {
return false; return false;
} }
// to find user id // to find user id, create sessions and cookies
$query = $this->CI->db->where('email', $email); $query = $this->CI->db->where('email', $email);
$query = $this->CI->db->get($this->config_vars['users']); $query = $this->CI->db->get($this->config_vars['users']);
@ -147,10 +160,12 @@ class Aauth {
// Database stores pasword hashed password // Database stores pasword hashed password
$query = $this->CI->db->where('pass', $this->hash_password($pass, $user_id)); $query = $this->CI->db->where('pass', $this->hash_password($pass, $user_id));
$query = $this->CI->db->where('banned', 0); $query = $this->CI->db->where('banned', 0);
$query = $this->CI->db->get($this->config_vars['users']); $query = $this->CI->db->get($this->config_vars['users']);
$row = $query->row(); $row = $query->row();
// if email and pass matches and not banned
if ( $query->num_rows() > 0 ) { if ( $query->num_rows() > 0 ) {
// If email and pass matches // If email and pass matches
@ -187,32 +202,9 @@ class Aauth {
$this->update_activity(); $this->update_activity();
return TRUE; return TRUE;
}
} else { // if not matches
else {
$query = $this->CI->db->where('email', $email);
$query = $this->CI->db->get($this->config_vars['users']);
$row = $query->row();
if ($query->num_rows() > 0) {
if ( $row->last_login_attempt == null or (strtotime("now") - 600) > strtotime($row->last_login_attempt) )
{
$data = array(
'last_login_attempt' => date("Y-m-d H:i:s")
);
} else if (!($row->last_login_attempt != '' and (strtotime("now") + 30 * $this->config_vars['try'] ) < strtotime($row->last_login_attempt))) {
$newtimestamp = strtotime("$row->last_login_attempt + 30 seconds");
$data = array(
'last_login_attempt' => date( 'Y-m-d H:i:s', $newtimestamp )
);
}
$query = $this->CI->db->where('email', $email);
$this->CI->db->update($this->config_vars['users'], $data);
}
$this->error($this->config_vars['wrong']); $this->error($this->config_vars['wrong']);
return FALSE; return FALSE;
@ -272,12 +264,11 @@ class Aauth {
*/ */
public function control( $perm_par ){ public function control( $perm_par ){
// if perm_par is given
$perm_id = $this->get_perm_id($perm_par); $perm_id = $this->get_perm_id($perm_par);
$this->update_activity(); $this->update_activity();
// if user or user's group allowed // if user or user's group not allowed
if ( !$this->is_allowed($perm_id) or !$this->is_group_allowed($perm_id)){ if ( ! $this->is_allowed($perm_id) or ! $this->is_group_allowed($perm_id) ){
echo $this->config_vars['no_access']; echo $this->config_vars['no_access'];
die(); die();
} }
@ -749,6 +740,48 @@ class Aauth {
return $this->CI->db->update($this->config_vars['users'], $data); return $this->CI->db->update($this->config_vars['users'], $data);
} }
/**
* Update login attempt and if exceeds return false
* Update user's last login attemp date and number date
* @param string $email User email
* @return bool
*/
public function update_login_attempts($email) {
$user_id = $this->get_user_id($email);
$query = $this->CI->db->where('id', $user_id);
$query = $this->CI->db->get( $this->config_vars['users'] );
$row = $query->row();
$data = [];
if ( $row->last_login_attempt == date("Y-m-d H:0:0")) {
$data['login_attempts'] = $row->login_attempts + 1;
$query = $this->CI->db->where('id', $user_id);
$this->CI->db->update($this->config_vars['users'], $data);
} else {
$data['last_login_attempt'] = date("Y-m-d H:0:0");
$data['login_attempts'] = 1;
$this->CI->db->where('id', $user_id);
$this->CI->db->update($this->config_vars['users'], $data);
}
if ( $data['login_attempts'] > $this->config_vars['max_login_attempt'] ) {
return false;
} else {
return true;
}
}
/** /**
* Update remember * Update remember
* Update amount of time a user is remembered for * Update amount of time a user is remembered for
@ -1763,6 +1796,9 @@ class Aauth {
* geçici ban ve e-mail ile tkrar aktifleştime olayı * geçici ban ve e-mail ile tkrar aktifleştime olayı
* ddos protect olayını daha mantıklı hale getür * ddos protect olayını daha mantıklı hale getür
* *
* lock_user (until parametrsi)
* unlock_user
*
* *
* ----------- * -----------
* ok * ok
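Review bot: The hour-bucket comparison in update_login_attempts, `if ( $row->last_login_attempt == date("Y-m-d H:0:0"))`, builds a string such as `2014-05-12 14:0:0`, while a DATETIME column is normally read back as `2014-05-12 14:00:00`; if that is the case here the branch is never taken, `login_attempts` is reset to 1 on every call and the `max_login_attempt` limit can never trip. Using one normalised bucket for both the comparison and the write removes the mismatch: `$hour = date("Y-m-d H:00:00");`, `if ($row->last_login_attempt == $hour) {` and `$data['last_login_attempt'] = $hour;`. Separately, the new `ddos_protection` flag added in aauth.php is not read in any hunk shown here; the call `if ($query->num_rows() > 0 and ! $this->update_login_attempts($row->email))` runs unconditionally and also counts successful logins because it precedes the password check, so the flag presumably needs a guard such as `$this->config_vars['ddos_protection'] and ...` — confirm against the rest of the file. The login() body containing that call starts and ends outside its hunk; update_login_attempts is fully visible in the later hunk.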
