Browse Source

Model+Controllers: Make failed login attempt check consistent

master
Riyyi 3 years ago
parent
commit
5d3962bba4
  1. 2
      app/classes/User.php
  2. 2
      app/controllers/LoginController.php
  3. 13
      app/model/UserModel.php

2
app/classes/User.php

@ -41,7 +41,7 @@ class User {
$user = UserModel::search(['username' => $username]); $user = UserModel::search(['username' => $username]);
$success = false; $success = false;
if ($user->exists() && $user->failed_login_attempt <= 2) { if ($user->exists() && $user->loginAllowed()) {
$saltPassword = $user->salt . $password; $saltPassword = $user->salt . $password;
if (password_verify($saltPassword, $user->password)) { if (password_verify($saltPassword, $user->password)) {
$success = true; $success = true;

2
app/controllers/LoginController.php

@ -43,7 +43,7 @@ class LoginController extends PageController {
} }
else { else {
$user = User::getUser('', $_POST['username']); $user = User::getUser('', $_POST['username']);
if ($user->exists() && $user->failed_login_attempt >= 5) { if ($user->exists() && !$user->loginAllowed()) {
$this->setAlert('danger', 'User has been blocked.'); $this->setAlert('danger', 'User has been blocked.');
} }
else { else {

13
app/model/UserModel.php

@ -3,5 +3,18 @@
namespace App\Model; namespace App\Model;
class UserModel extends Model { class UserModel extends Model {
protected $table = 'user'; protected $table = 'user';
//-------------------------------------//
public function loginAllowed(): bool
{
if (property_exists($this, 'failed_login_attempt') && $this->failed_login_attempt < 5) {
return true;
}
return false;
}
} }

Loading…
Cancel
Save