|
16 | 16 | use ZakharovAndrew\user\models\ChangePasswordForm;
|
17 | 17 | use ZakharovAndrew\user\models\UserSettings;
|
18 | 18 | use ZakharovAndrew\user\models\UserSettingsConfig;
|
| 19 | +use ZakharovAndrew\user\models\LoginAttempt; |
19 | 20 | use yii\helpers\Url;
|
20 | 21 | // for avatar uploading
|
21 | 22 | use yii\web\UploadedFile;
|
@@ -295,10 +296,25 @@ public function actionLogin()
|
295 | 296 | if (!Yii::$app->user->isGuest) {
|
296 | 297 | return $this->goHome();
|
297 | 298 | }
|
| 299 | + |
| 300 | + // Get the user's IP address |
| 301 | + $userIp = Yii::$app->request->userIP; |
| 302 | + |
| 303 | + // Check if the IP address is blocked |
| 304 | + if (LoginAttempt::isBlockedByIp($userIp)) { |
| 305 | + Yii::$app->session->setFlash('error', Module::t('Too many unsuccessful attempts. Please wait an hour before trying again.')); |
| 306 | + return $this->render('login', ['model' => $model]); |
| 307 | + } |
298 | 308 |
|
299 | 309 | $model = new \ZakharovAndrew\user\models\LoginForm();
|
300 | 310 | if ($model->load(Yii::$app->request->post()) && $model->login()) {
|
| 311 | + // Successful authentication |
| 312 | + LoginAttempt::logLoginAttempt($model->username, true); |
301 | 313 | return $this->goBack();
|
| 314 | + } else { |
| 315 | + // Unsuccessful authentication |
| 316 | + LoginAttempt::logLoginAttempt($model->username, false); |
| 317 | + Yii::$app->session->setFlash('error', Module::t('Incorrect username or password.' )); |
302 | 318 | }
|
303 | 319 |
|
304 | 320 | $model->password = '';
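Review bot: The blocked-IP branch at new line 306 renders the login view with `$model`, which is not created until new line 309, so a blocked client hits an undefined variable instead of the form; move `$model = new \ZakharovAndrew\user\models\LoginForm();` above the `isBlockedByIp` check. The new `else` at line 314 also runs when `load()` returns false, i.e. on a plain GET of the login page, so every page view is logged as a failed attempt and shows the error flash; `} elseif (Yii::$app->request->isPost) {` would limit it to real submissions. If `isBlockedByIp` counts those rows, ordinary page loads would count toward the one-hour lockout, and because the key is `userIP`, users behind a shared NAT or a proxy without trusted-proxy configuration would presumably be blocked together. `actionLogin` begins and ends outside this hunk.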
|
@@ -494,7 +510,7 @@ public function actionToggleColumnVisibility()
|
494 | 510 | Yii::$app->session->set('gridViewColumnVisibility', $columnVisibility);
|
495 | 511 | }
|
496 | 512 | }
|
497 |
| - |
| 513 | + |
498 | 514 | /**
|
499 | 515 | * Finds the User model based on its primary key value.
|
500 | 516 | * If the model is not found, a 404 HTTP exception will be thrown.
|
|