Merge pull request #2561 from TomSpeak/patch-3

BUG FailedLoginCount reset
This commit is contained in:
Ingo Schommer 2013-10-18 07:20:48 -07:00
commit 36e7282f6f
2 changed files with 48 additions and 1 deletions

View File

@ -1412,6 +1412,7 @@ class Member extends DataObject implements TemplateGlobalProvider {
if($this->FailedLoginCount >= self::config()->lock_out_after_incorrect_logins) {
$lockoutMins = self::config()->lock_out_delay_mins;
$this->LockedOutUntil = date('Y-m-d H:i:s', time() + $lockoutMins*60);
$this->FailedLoginCount = 0;
$this->write();
}
}

View File

@ -698,6 +698,52 @@ class MemberTest extends FunctionalTest {
);
}
public function testFailedLoginCount() {
$maxFailedLoginsAllowed = 3;
//set up the config variables to enable login lockouts
Config::nest();
Config::inst()->update('Member', 'lock_out_after_incorrect_logins', $maxFailedLoginsAllowed);
$member = $this->objFromFixture('Member', 'test');
$failedLoginCount = $member->FailedLoginCount;
for ($i = 1; $i < $maxFailedLoginsAllowed; ++$i) {
$member->registerFailedLogin();
$this->assertEquals(
++$failedLoginCount,
$member->FailedLoginCount,
'Failed to increment $member->FailedLoginCount'
);
$this->assertFalse(
$member->isLockedOut(),
"Member has been locked out too early"
);
}
//fail login until max login attempts is reached
$member->FailedLoginCount = 0;
for ($i = 0; $i < $maxFailedLoginsAllowed; ++$i) {
$member->registerFailedLogin();
}
//check to see if they've been locked out
$this->assertTrue(
$member->isLockedOut(),
'Member was not locked out when max logins met'
);
//after they're locked out, need to check FailedLoginCount was reset to 0
$this->assertEquals(
$member->FailedLoginCount,
0,
'Failed login count was not reset after lockout'
);
//test all done, unnest config
Config::unnest();
}
}
class MemberTest_ViewingAllowedExtension extends DataExtension implements TestOnly {