Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/old/vendor/magento/module-integration/Model/Oauth/Token/ |
<?php
/**
* Copyright © Magento, Inc. All rights reserved.
* See COPYING.txt for license details.
*/
namespace Magento\Integration\Model\Oauth\Token;
use Magento\Integration\Model\Oauth\Token\RequestLog\ReaderInterface as RequestLogReader;
use Magento\Integration\Model\Oauth\Token\RequestLog\WriterInterface as RequestLogWriter;
use Magento\Integration\Model\Oauth\Token\RequestLog\Config as RequestLogConfig;
use Magento\Framework\Exception\AuthenticationException;
/**
* Model for OAuth admin/customer token requests throttling.
*/
class RequestThrottler
{
/**#@+
* Web API user type
*/
const USER_TYPE_CUSTOMER = 2;
const USER_TYPE_ADMIN = 3;
/**#@-*/
/**#@-*/
private $requestLogReader;
/**
* @var RequestLogWriter
*/
private $requestLogWriter;
/**
* @var RequestLogConfig
*/
private $requestLogConfig;
/**
* Initialize dependencies.
*
* @param RequestLogReader $requestLogReader
* @param RequestLogWriter $requestLogWriter
* @param RequestLogConfig $requestLogConfig
*/
public function __construct(
RequestLogReader $requestLogReader,
RequestLogWriter $requestLogWriter,
RequestLogConfig $requestLogConfig
) {
$this->requestLogReader = $requestLogReader;
$this->requestLogWriter = $requestLogWriter;
$this->requestLogConfig = $requestLogConfig;
}
/**
* Throw exception if user account is currently locked because of too many failed authentication attempts.
*
* @param string $userName
* @param int $userType
* @return void
* @throws AuthenticationException
*/
public function throttle($userName, $userType)
{
$count = $this->requestLogReader->getFailuresCount($userName, $userType);
if ($count >= $this->requestLogConfig->getMaxFailuresCount()) {
throw new AuthenticationException(
__(
'The account sign-in was incorrect or your account is disabled temporarily. '
. 'Please wait and try again later.'
)
);
}
}
/**
* Reset count of failed authentication attempts.
*
* Unlock user account and make generation of OAuth tokens possible for this account again.
*
* @param string $userName
* @param int $userType
* @return void
*/
public function resetAuthenticationFailuresCount($userName, $userType)
{
$this->requestLogWriter->resetFailuresCount($userName, $userType);
}
/**
* Increment authentication failures count and lock user account if the limit is reached.
*
* Account will be locked until lock expires.
*
* @param string $userName
* @param int $userType
* @return void
*/
public function logAuthenticationFailure($userName, $userType)
{
$this->requestLogWriter->incrementFailuresCount($userName, $userType);
}
}