You are here

public function SocialUserLoginForm::validateFinal in Open Social 8.6

Same name and namespace in other branches
  1. 8.9 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  2. 8 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  3. 8.2 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  4. 8.3 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  5. 8.4 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  6. 8.5 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  7. 8.7 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  8. 8.8 modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  9. 10.3.x modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  10. 10.0.x modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  11. 10.1.x modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()
  12. 10.2.x modules/social_features/social_user/src/Form/SocialUserLoginForm.php \Drupal\social_user\Form\SocialUserLoginForm::validateFinal()

Checks if user was not authenticated, or if too many logins were attempted.

This validation function should always be the last one.

Overrides UserLoginForm::validateFinal

File

modules/social_features/social_user/src/Form/SocialUserLoginForm.php, line 211

Class

SocialUserLoginForm
Class SocialUserLoginForm.

Namespace

Drupal\social_user\Form

Code

public function validateFinal(array &$form, FormStateInterface $form_state) {
  $flood_config = $this
    ->config('user.flood');
  if (!$form_state
    ->get('uid')) {

    // Set general error message to not leak privacy information.
    $this
      ->setGeneralErrorMessage($form, $form_state);

    // Always register an IP-based failed login event.
    $this->flood
      ->register('user.failed_login_ip', $flood_config
      ->get('ip_window'));

    // Register a per-user failed login event.
    if ($flood_control_user_identifier = $form_state
      ->get('flood_control_user_identifier')) {
      $this->flood
        ->register('user.failed_login_user', $flood_config
        ->get('user_window'), $flood_control_user_identifier);
    }
    $flood_control_triggered = $form_state
      ->get('flood_control_triggered');
    if (!$flood_control_triggered) {
      $name = $form_state
        ->getValue('name_or_mail');
      $accounts = $this->userStorage
        ->loadByProperties([
        'mail' => $form_state
          ->getValue('name_or_mail'),
        'status' => 1,
      ]);
      $account = reset($accounts);
      if ($account) {
        $name = $account
          ->getAccountName();
      }
      $accounts = $this->userStorage
        ->loadByProperties([
        'name' => $name,
      ]);
      if (!empty($accounts)) {
        $this
          ->logger('user')
          ->notice('Login attempt failed for %user.', [
          '%user' => $name,
        ]);
      }
      else {

        // If the username entered is not a valid user,
        // only store the IP address.
        $this
          ->logger('user')
          ->notice('Login attempt failed from %ip.', [
          '%ip' => $this
            ->getRequest()
            ->getClientIp(),
        ]);
      }
    }
  }
  elseif ($flood_control_user_identifier = $form_state
    ->get('flood_control_user_identifier')) {

    // Clear past failures for this user so as not to block a user who might
    // log in and out more than once in an hour.
    $this->flood
      ->clear('user.failed_login_user', $flood_control_user_identifier);
  }
}