1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
<?php
namespace Kanboard\Validator;
use SimpleValidator\Validator;
use SimpleValidator\Validators;
use Gregwar\Captcha\CaptchaBuilder;
/**
* Authentication Validator
*
* @package Kanboard\Validator
* @author Frederic Guillot
*/
class AuthValidator extends BaseValidator
{
/**
* Validate user login form
*
* @access public
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
public function validateForm(array $values)
{
return $this->executeValidators(array('validateFields', 'validateLocking', 'validateCaptcha', 'validateCredentials'), $values);
}
/**
* Validate credentials syntax
*
* @access protected
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
protected function validateFields(array $values)
{
$v = new Validator($values, array(
new Validators\Required('username', t('The username is required')),
new Validators\MaxLength('username', t('The maximum length is %d characters', 50), 50),
new Validators\Required('password', t('The password is required')),
));
return array(
$v->execute(),
$v->getErrors(),
);
}
/**
* Validate user locking
*
* @access protected
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
protected function validateLocking(array $values)
{
$result = true;
$errors = array();
if ($this->userLockingModel->isLocked($values['username'])) {
$result = false;
$errors['login'] = t('Your account is locked for %d minutes', BRUTEFORCE_LOCKDOWN_DURATION);
$this->logger->error('Account locked: '.$values['username']);
}
return array($result, $errors);
}
/**
* Validate password syntax
*
* @access protected
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
protected function validateCredentials(array $values)
{
$result = true;
$errors = array();
if (! $this->authenticationManager->passwordAuthentication($values['username'], $values['password'])) {
$result = false;
$errors['login'] = t('Bad username or password');
}
return array($result, $errors);
}
/**
* Validate captcha
*
* @access protected
* @param array $values Form values
* @return array
*/
protected function validateCaptcha(array $values)
{
$result = true;
$errors = array();
if ($this->userLockingModel->hasCaptcha($values['username'])) {
if (! isset($this->sessionStorage->captcha)) {
$result = false;
} else {
$builder = new CaptchaBuilder;
$builder->setPhrase($this->sessionStorage->captcha);
$result = $builder->testPhrase(isset($values['captcha']) ? $values['captcha'] : '');
if (! $result) {
$errors['login'] = t('Invalid captcha');
}
}
}
return array($result, $errors);
}
}
|