How count the user login failed attempt? If user enter the wrong password , count the failed attempts and after 5 failed attempt count show a error message. How it will count?
How count the user login failed attempt? If user enter the wrong password , count the failed attempts and after 5 failed attempt count show a error message. How it will count?
Take a look at the login from the blog-demo.
You can use then users session (Yii::app()->user->setState/getState) to count the attempts.
Add the errormessage to the LoginForm only if failedCount>5;
In the LoginForm.php you can implement something like below:
/**
* Authenticates the password.
* This is the 'authenticate' validator as declared in rules().
*/
public function authenticate($attribute,$params)
{
$this->_identity=new UserIdentity($this->username,$this->password);
if(!$this->_identity->authenticate())
{
$failedCount = Yii::app()->user->hasState('loginFailed') ? Yii::app()->user->getState('loginFailed') : 0;
$failedCount++;
Yii::app()->user->setState('loginFailed',$failedCount);
if($failedCount>5)
{
$this->addError('password','Incorrect username or password.');
//reset for the next 5 attempts
//Yii::app()->user->setState('loginFailed',0);
}
}
else
if(Yii::app()->user->hasState('loginFailed'))
Yii::app()->user->setState('loginFailed',null); //remove from session of login ok
}
Then you can use Yii::app()->user->getState(‘loginFailed’) in the function login() too.
Always return false, if failedCount > xx to lock the user and he has to restart the browser for the next attempts.