
Reduce throttle counter on successful login. Fixes issue #14.

tags/0.6
Chris Smith 14 years ago
parent
commit
80a4f2a7d5
1 changed files with 38 additions and 8 deletions
  1. 38
    8
      processor.php

+ 38
- 8
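--- a/processor.php
+++ b/processor.php
@@ -94,23 +94,33 @@
   }
  }
 
+ /**
+  * Retrieves or creates the 'requests' session array, which tracks the number
+  * of authentication attempts the user has made recently.
+  *
+  * @return An array (by reference) containing details about recent requests
+  */
+ function &getRequests() {
+  if (!isset($_SESSION['openid']['requests'])) {
+   $_SESSION['openid']['requests'] = array('lasttime' => 0, 'count' => 0);
+  }
+
+  return $_SESSION['openid']['requests'];
+ }
+
  /**
   * Checks that the user isn't making requests too frequently, and redirects
   * them with an appropriate error if they are.
   *
   * @return An array containing details about the requests that have been made
   */
- function checkRequests() {
-  if (isset($_SESSION['openid']['requests'])) {
-   $requests = $_SESSION['openid']['requests'];
-  } else {
-   $requests = array('lasttime' => 0, 'count' => 0);
-  }
+ function &checkRequests() {
+  $requests = getRequests();
 
   if ($requests['lasttime'] < time() - OPENID_THROTTLE_GAP) {
 
    // Last request was a while ago, reset the timer
-   $requests['count'] = 0;
+   resetRequests(); 
 
   } else if ($requests['count'] > OPENID_THROTTLE_NUM) {
 
@@ -127,6 +137,25 @@
   return $requests;
  }
 
+ /**
+  * Resets the recent requests counter (for example, after the required time
+  * has ellapsed, or after the user has successfully logged in).
+  *
+  * @param $decrement If true, the count will be decremented instead of cleared
+  * @return A copy of the requests array
+  */
+ function &resetRequests($decrement = false) {
+  $requests = getRequests();
+
+  if ($decrement) {
+   $requests['count'] = max($requests['count'] - 1, 0);
+  } else {
+   $requests['count'] = 0;
+  }
+
+  return $requests;
+ }
+
  /**
   * Attempts to perform discovery on the specified URL, redirecting the user
   * with an appropriate error if discovery fails.
@@ -254,6 +283,7 @@
     if ($disc->hasServer($_SESSION['openid']['server'])) {
      $_SESSION['openid']['identity'] = $_REQUEST['openid_identity']; 
      $_SESSION['openid']['delegate'] = $_REQUEST['openid_claimed_id'];
+     resetRequests(true);
     } else {
      error('diffid', 'The OP at ' . $_SESSION['openid']['server'] . ' is attmpting to claim ' . $_REQUEST['openid_claimed_id'] . ' but ' . ($disc->getServer() == null ? 'that isn\'t a valid identifier' : 'that identifier only authorises ' . $disc->getServer()));
     }
@@ -288,7 +318,7 @@
   }
 
   parseSRegResponse();
-  URLBuilder::redirect(); 	
+  URLBuilder::redirect(); 
  }
 
  /**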
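Review bot: The reference-returning `getRequests()` is assigned with a plain `=` in both `checkRequests()` and `resetRequests()` (`$requests = getRequests();`), so `$requests` is a copy of the session array and the writes to `$requests['count']` inside `resetRequests()` never reach `$_SESSION['openid']['requests']`; the decrement added on the successful-login path (`resetRequests(true);`) and the reset on the timer gap therefore have no persistent effect on the login throttle. Binding the reference is a one-character change at each site: `$requests = &getRequests();`. In `checkRequests()` the local copy also still holds the pre-reset count after `resetRequests();` returns, so whatever the function later stores or returns (its body continues outside the hunk) may carry the stale value; taking the reference fixes that as well. Since the signature changed to `function &checkRequests()`, its `@return` docblock could note that the array is now handed back by reference rather than as a copy.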
