[ccdn user security bundle] error message.
Replies: 5   Views: 1418  Subscribers: 2

Posted by reece · 09-12-2012 - 15:41

Hi Zorg.

You can use the login_failure_tracker service to get an array of attempts that are within the scope of the set time limit in the config.

You should be able to do something like:

­
// Get session and check if it has any entries of failed logins.
            $session = $request->getSession();

            $ipAddress = $request->getClientIp();

            // Get number of failed login attempts.
            $tracker = $this->container->get('ccdn_user_security.component.authentication.tracker.login_failure_tracker');

            $attempts = $tracker->getAttempts($session, $ipAddress);

            // Get limits from config.
            $attemptLimitRecoverAccount = $this->container->getParameter('ccdn_user_security.login_shield.limit_failed_login_attempts.before_recover_account');
            $attemptLimitReturnHttp500 = $this->container->getParameter('ccdn_user_security.login_shield.limit_failed_login_attempts.before_return_http_500');

            $attemptCount = count($attempts)

            // How many attempts remain until you are forwarded to account recovery page?
            $remainingBeforeAC = $attemptLimitRecoverAccount - $attemptCount;

            // How many until we assume abuse and return http 500?
            $remainingBeforeHttp500 = $attemptLimitReturnHttp500 - $attemptCount;­
This is similar to the code found in client login voter. You can make a service out of this if you like and tag it with something like: ­
{ name: kernel.event_listener, event: kernel.request, method: onKernelRequest }­
Good luck and let me know how it goes. ­[:SMILE:]­