From 7844fd75b81d9462bfcdf79a11aed80bec2a734f Mon Sep 17 00:00:00 2001 From: Jan Kristinus Date: Thu, 29 Aug 2024 15:12:02 +0200 Subject: [PATCH] Auth Rules mit Pause funktionierte nicht sinnvoll closes #487 --- install/tablesets/yform_user.json | 22 +++++++++++++++++++--- lang/de_de.lang | 1 + lang/en_gb.lang | 1 + plugins/auth/lib/ycom_auth.php | 4 +++- plugins/auth/lib/ycom_auth_rules.php | 7 ++++--- 5 files changed, 28 insertions(+), 7 deletions(-) diff --git a/install/tablesets/yform_user.json b/install/tablesets/yform_user.json index b2015e1f..3434a915 100644 --- a/install/tablesets/yform_user.json +++ b/install/tablesets/yform_user.json @@ -332,6 +332,22 @@ "db_type": "", "list_hidden": 1, "search": 1, + "name": "last_login_try_time", + "label": "translate:last_login_try_time", + "not_required": "", + "only_empty": "2", + "no_db": "", + "format": "", + "modify_default": "" + }, + { + "table_name": "rex_ycom_user", + "prio": 22, + "type_id": "value", + "type_name": "datestamp", + "db_type": "", + "list_hidden": 1, + "search": 1, "name": "termination_time", "label": "translate:termination_time", "not_required": "", @@ -342,7 +358,7 @@ }, { "table_name": "rex_ycom_user", - "prio": 22, + "prio": 23, "type_id": "value", "type_name": "integer", "db_type": "", @@ -358,7 +374,7 @@ }, { "table_name": "rex_ycom_user", - "prio": 23, + "prio": 24, "type_id": "value", "type_name": "html", "db_type": "", @@ -371,7 +387,7 @@ }, { "table_name": "rex_ycom_user", - "prio": 24, + "prio": 25, "type_id": "value", "type_name": "be_manager_relation", "db_type": "", diff --git a/lang/de_de.lang b/lang/de_de.lang index 105c716f..1af89d3f 100644 --- a/lang/de_de.lang +++ b/lang/de_de.lang @@ -29,6 +29,7 @@ firstname = Vorname activation_key = Aktivierungsschlüssel session_key = Sessionschlüssel last_login_time = Letzter erfolgreicher Login +last_login_try_time = Letzter versuchter Login last_action_time = Letzte Aktion termination_time = Kündigungszeitpunkt login_failed = Fehlgeschlagene Logins diff --git a/lang/en_gb.lang b/lang/en_gb.lang index 568abb79..651e0712 100644 --- a/lang/en_gb.lang +++ b/lang/en_gb.lang @@ -29,6 +29,7 @@ firstname = First name activation_key = Activation key session_key = Session key last_login_time = Last sign in +last_login_try_time = Last sign in try last_action_time = Last action termination_time = Kündigungszeitpunkt login_failed = Failed sign in attempts diff --git a/plugins/auth/lib/ycom_auth.php b/plugins/auth/lib/ycom_auth.php index 38f6da08..c4b12560 100644 --- a/plugins/auth/lib/ycom_auth.php +++ b/plugins/auth/lib/ycom_auth.php @@ -211,13 +211,15 @@ public static function login(array $params): int /** @var rex_ycom_user $loginUser */ $loginUser = $loginUsers[0]; + // Check Only AuthRules $auth_rules = new rex_ycom_auth_rules(); $authRuleConfig = rex_config::get('ycom/auth', 'auth_rule', 'login_try_5_pause') ?? 'login_try_5_pause'; if (!$auth_rules->check($loginUser, $authRuleConfig)) { - $loginUser->increaseLoginTries()->save(); throw new rex_exception('Login failed - Auth Rules'); } + $loginUser->setValue('last_login_try_time', rex_sql::datetime(time())); + if ( $params['ignorePassword'] || ('' != $params['loginPassword'] && self::checkPassword($params['loginPassword'], $loginUser->getId())) diff --git a/plugins/auth/lib/ycom_auth_rules.php b/plugins/auth/lib/ycom_auth_rules.php index c90bcd36..2f73d47b 100644 --- a/plugins/auth/lib/ycom_auth_rules.php +++ b/plugins/auth/lib/ycom_auth_rules.php @@ -81,13 +81,14 @@ public function check(rex_ycom_user $user, string $rule_name = 'login_try_5_paus switch ($rule['action']['type']) { case 'deactivate': + $user->increaseLoginTries(); $user->setValue('status', -2); // to much login failures $user->save(); return false; case 'pause': - $lastLoginDate = new DateTime($user->getValue('last_login_time')); - $lastLoginDate->modify('+' . $rule['action']['time'] . ' seconds'); - if (date('YmdHis') < $lastLoginDate->format('YmdHis')) { + $lastLoginTryDate = new DateTime($user->getValue('last_login_try_time')); + $lastLoginTryDate->modify('+' . $rule['action']['time'] . ' seconds'); + if (date('YmdHis') < $lastLoginTryDate->format('YmdHis')) { return false; } return true;