You are here

class UserFloodControl in Drupal 9

User Flood Control service.

@see: \Drupal\Core\Flood\DatabaseBackend

Hierarchy

Expanded class hierarchy of UserFloodControl

1 string reference to 'UserFloodControl'
user.services.yml in core/modules/user/user.services.yml
core/modules/user/user.services.yml
1 service uses UserFloodControl
user.flood_control in core/modules/user/user.services.yml
Drupal\user\UserFloodControl

File

core/modules/user/src/UserFloodControl.php, line 16

Namespace

Drupal\user
View source
class UserFloodControl implements UserFloodControlInterface {

  /**
   * The decorated flood service.
   *
   * @var \Drupal\Core\Flood\FloodInterface
   */
  protected $flood;

  /**
   * Event dispatcher.
   *
   * @var \Symfony\Contracts\EventDispatcher\EventDispatcherInterface
   */
  protected $eventDispatcher;

  /**
   * The request stack.
   *
   * @var \Symfony\Component\HttpFoundation\RequestStack
   */
  protected $requestStack;

  /**
   * Construct the UserFloodControl.
   *
   * @param \Drupal\Core\Flood\FloodInterface $flood
   *   The flood service.
   * @param \Symfony\Contracts\EventDispatcher\EventDispatcherInterface $event_dispatcher
   *   The event dispatcher service.
   * @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
   *   The request stack used to retrieve the current request.
   */
  public function __construct(FloodInterface $flood, EventDispatcherInterface $event_dispatcher, RequestStack $request_stack) {
    $this->flood = $flood;
    $this->eventDispatcher = $event_dispatcher;
    $this->requestStack = $request_stack;
  }

  /**
   * {@inheritdoc}
   */
  public function isAllowed($name, $threshold, $window = 3600, $identifier = NULL) {
    if ($this->flood
      ->isAllowed($name, $threshold, $window, $identifier)) {
      return TRUE;
    }

    // Register flood control blocked login event.
    $event_map['user.failed_login_ip'] = UserEvents::FLOOD_BLOCKED_IP;
    $event_map['user.failed_login_user'] = UserEvents::FLOOD_BLOCKED_USER;
    $event_map['user.http_login'] = UserEvents::FLOOD_BLOCKED_USER;
    if (isset($event_map[$name])) {
      if (empty($identifier)) {
        $identifier = $this->requestStack
          ->getCurrentRequest()
          ->getClientIp();
      }
      $event = new UserFloodEvent($name, $threshold, $window, $identifier);
      $this->eventDispatcher
        ->dispatch($event, $event_map[$name]);
    }
    return FALSE;
  }

  /**
   * {@inheritdoc}
   */
  public function register($name, $window = 3600, $identifier = NULL) {
    return $this->flood
      ->register($name, $window, $identifier);
  }

  /**
   * {@inheritdoc}
   */
  public function clear($name, $identifier = NULL) {
    return $this->flood
      ->clear($name, $identifier);
  }

  /**
   * {@inheritdoc}
   */
  public function garbageCollection() {
    return $this->flood
      ->garbageCollection();
  }

}

Members

Namesort descending Modifiers Type Description Overrides
UserFloodControl::$eventDispatcher protected property Event dispatcher.
UserFloodControl::$flood protected property The decorated flood service.
UserFloodControl::$requestStack protected property The request stack.
UserFloodControl::clear public function Makes the flood control mechanism forget an event for the current visitor. Overrides FloodInterface::clear
UserFloodControl::garbageCollection public function Cleans up expired flood events. This method is called automatically on cron run. Overrides FloodInterface::garbageCollection
UserFloodControl::isAllowed public function Checks whether a user is allowed to proceed with the specified event. Overrides FloodInterface::isAllowed
UserFloodControl::register public function Registers an event for the current visitor to the flood control mechanism. Overrides FloodInterface::register
UserFloodControl::__construct public function Construct the UserFloodControl.