author | Gerardo Zamudio <gerardozamudio@users.noreply.github.com> | 2016-02-24 23:48:50 -0600 |
committer | Gerardo Zamudio <gerardozamudio@users.noreply.github.com> | 2016-02-24 23:48:50 -0600 |
commit | e4de6b3898b64b26d29aff31f21df5fda8055686 (patch) | |
tree | 575f8a65440f291d70a070d168eafca8c82a6459 /app/Subscriber/AuthSubscriber.php | |
parent | d9ffbea174ea6524d0a22f8375ca8b3aa04a3c96 (diff) | |
parent | a6540bc604c837d92c9368540c145606723e97f7 (diff) |
Merge pull request #1 from fguillot/master
Update from upstream
Diffstat (limited to 'app/Subscriber/AuthSubscriber.php')
-rw-r--r-- | app/Subscriber/AuthSubscriber.php | 95 |
1 files changed, 87 insertions, 8 deletions
diff --git a/app/Subscriber/AuthSubscriber.php b/app/Subscriber/AuthSubscriber.php
index 2461b52c..e839385f 100644
--- a/app/Subscriber/AuthSubscriber.php
+++ b/app/Subscriber/AuthSubscriber.php
@@ -2,26 +2,105 @@
 namespace Kanboard\Subscriber;
-use Kanboard\Core\Request;
-use Kanboard\Event\AuthEvent;
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Kanboard\Core\Security\AuthenticationManager;
+use Kanboard\Core\Session\SessionManager;
+use Kanboard\Event\AuthSuccessEvent;
+use Kanboard\Event\AuthFailureEvent;
-class AuthSubscriber extends \Kanboard\Core\Base implements EventSubscriberInterface
+/**
+ * Authentication Subscriber
+ *
+ * @package subscriber
+ * @author Frederic Guillot
+ */
+class AuthSubscriber extends BaseSubscriber implements EventSubscriberInterface
 {
+ /**
+ * Get event listeners
+ *
+ * @static
+ * @access public
+ * @return array
+ */
 public static function getSubscribedEvents()
 {
 return array(
- 'auth.success' => array('onSuccess', 0),
+ AuthenticationManager::EVENT_SUCCESS => 'afterLogin',
+ AuthenticationManager::EVENT_FAILURE => 'onLoginFailure',
+ SessionManager::EVENT_DESTROY => 'afterLogout',
 );
 }
- public function onSuccess(AuthEvent $event)
+ /**
+ * After Login callback
+ *
+ * @access public
+ * @param AuthSuccessEvent $event
+ */
+ public function afterLogin(AuthSuccessEvent $event)
 {
+ $this->logger->debug('Subscriber executed: '.__METHOD__);
+
+ $userAgent = $this->request->getUserAgent();
+ $ipAddress = $this->request->getIpAddress();
+
+ $this->userLocking->resetFailedLogin($this->userSession->getUsername());
+
 $this->lastLogin->create(
 $event->getAuthType(),
- $event->getUserId(),
- Request::getIpAddress(),
- Request::getUserAgent()
+ $this->userSession->getId(),
+ $ipAddress,
+ $userAgent
 );
+
+ if ($event->getAuthType() === 'RememberMe') {
+ $this->userSession->validatePostAuthentication();
+ }
+
+ if (isset($this->sessionStorage->hasRememberMe) && $this->sessionStorage->hasRememberMe) {
+ $session = $this->rememberMeSession->create($this->userSession->getId(), $ipAddress, $userAgent);
+ $this->rememberMeCookie->write($session['token'], $session['sequence'], $session['expiration']);
+ }
+ }
+
+ /**
+ * Destroy RememberMe session on logout
+ *
+ * @access public
+ */
+ public function afterLogout()
+ {
+ $this->logger->debug('Subscriber executed: '.__METHOD__);
+ $credentials = $this->rememberMeCookie->read();
+
+ if ($credentials !== false) {
+ $session = $this->rememberMeSession->find($credentials['token'], $credentials['sequence']);
+
+ if (! empty($session)) {
+ $this->rememberMeSession->remove($session['id']);
+ }
+
+ $this->rememberMeCookie->remove();
+ }
+ }
+
+ /**
+ * Increment failed login counter
+ *
+ * @access public
+ */
+ public function onLoginFailure(AuthFailureEvent $event)
+ {
+ $this->logger->debug('Subscriber executed: '.__METHOD__);
+ $username = $event->getUsername();
+
+ if (! empty($username)) {
+ $this->userLocking->incrementFailedLogin($username);
+
+ if ($this->userLocking->getFailedLogin($username) > BRUTEFORCE_LOCKDOWN) {
+ $this->userLocking->lock($username, BRUTEFORCE_LOCKDOWN_DURATION);
+ }
+ }
 }
 }
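Review bot: In onLoginFailure the account is locked only when the failure counter is strictly greater than BRUTEFORCE_LOCKDOWN, so BRUTEFORCE_LOCKDOWN+1 failures are needed before lock() runs; if the constant is meant as the number of permitted attempts, `if ($this->userLocking->getFailedLogin($username) >= BRUTEFORCE_LOCKDOWN) {` is the intended check — confirm against where the constant is defined. The lockout itself leaves no trace beyond the debug line at the top of the method, yet it is the one event an operator would want to alert on; assuming the logger is PSR-3, a line such as `$this->logger->warning('Account locked after repeated failed logins: '.$username.' from '.$this->request->getIpAddress());` immediately before the lock() call, using the same request accessor afterLogin already relies on, gives detection something to key on. Because the counter is keyed on the username alone, repeated failures against a known username lock that user out regardless of where the attempts come from; that is a deliberate trade-off, but the method docblock should say so, e.g. `Lock is per username, not per client: it protects the credential, not the endpoint.`, so nobody assumes an address-based limit exists here.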