diff --git a/Controller/ApiController.php b/Controller/ApiController.php
index 1692ca7..14b66be 100755
--- a/Controller/ApiController.php
+++ b/Controller/ApiController.php
@@ -780,11 +780,6 @@ final class ApiController extends Controller
 new \Modules\Profile\Models\Profile($account),
 $request
 );
-
- $this->updateModel($request->header->account, $old, $account, function () use ($account) : void {
- $account->setLoginTries((int) $this->app->appSettings->get(null, SettingsEnum::LOGIN_TRIES)['content']);
- AccountMapper::update($account);
- }, 'account', $request->getOrigin());
 }
 /**
diff --git a/Models/Account.php b/Models/Account.php
index 71b4b26..7754940 100755
--- a/Models/Account.php
+++ b/Models/Account.php
@@ -30,31 +30,5 @@ class Account extends \phpOMS\Account\Account
 * @var int
 * @since 1.0.0
 */
- protected int $tries = 0;
-
- /**
- * Get remaining login tries
- *
- * @return int
- *
- * @since 1.0.0
- */
- public function getLoginTries() : int
- {
- return $this->tries;
- }
-
- /**
- * Set remaining login tries
- *
- * @param int $tries Remaining login tries
- *
- * @return void
- *
- * @since 1.0.0
- */
- public function setLoginTries(int $tries = 0) : void
- {
- $this->tries = $tries;
- }
+ public int $tries = 0;
 }
diff --git a/Models/AccountMapper.php b/Models/AccountMapper.php
index 802578a..40507d6 100755
--- a/Models/AccountMapper.php
+++ b/Models/AccountMapper.php
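Review bot: Making `$tries` a public property in Models/Account.php lets any code that holds an Account object change the failed-login counter, and the `account_tries` column is mapped to it like any other field, so a generic `AccountMapper::update($account)` presumably writes the in-memory value back. An account object loaded before a run of failed logins and saved afterwards (a profile edit, for example) would then rewind the counter and undo the lockout. Consider keeping the property non-public with a read accessor and letting only `AccountMapper::login()` write the column, or at least documenting the contract on the property, e.g. `Failed login attempts since the last successful login; maintained by AccountMapper::login().` The property's docblock starts outside the hunk.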
@@ -45,6 +45,7 @@ final class AccountMapper extends DataMapperAbstract
 'account_name2' => ['name' => 'account_name2', 'type' => 'string', 'internal' => 'name2', 'autocomplete' => true, 'annotations' => ['gdpr' => true]],
 'account_name3' => ['name' => 'account_name3', 'type' => 'string', 'internal' => 'name3', 'autocomplete' => true, 'annotations' => ['gdpr' => true]],
 'account_password' => ['name' => 'account_password', 'type' => 'string', 'internal' => 'password', 'writeonly' => true],
+ 'account_password_temp' => ['name' => 'account_password_temp', 'type' => 'string', 'internal' => 'tempPassword', 'writeonly' => true],
 'account_email' => ['name' => 'account_email', 'type' => 'string', 'internal' => 'email', 'autocomplete' => true, 'annotations' => ['gdpr' => true]],
 'account_tries' => ['name' => 'account_tries', 'type' => 'int', 'internal' => 'tries'],
 'account_lactive' => ['name' => 'account_lactive', 'type' => 'DateTime', 'internal' => 'lastActive'],
@@ -157,12 +158,13 @@ final class AccountMapper extends DataMapperAbstract
 *
 * @param string $login Username
 * @param string $password Password
+ * @param int $tries Allowed login tries
 *
 * @return int Login code
 *
 * @since 1.0.0
 */
- public static function login(string $login, string $password) : int
+ public static function login(string $login, string $password, int $tries = 3) : int
 {
 if (empty($password)) {
 return LoginReturnType::WRONG_PASSWORD;
@@ -184,7 +186,7 @@ final class AccountMapper extends DataMapperAbstract
 $result = $result[0];
- if ($result['account_tries'] <= 0) {
+ if ($result['account_tries'] >= $tries) {
 return LoginReturnType::WRONG_INPUT_EXCEEDED;
 }
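Review bot: The new check `$result['account_tries'] >= $tries` reverses the meaning of the stored column from remaining tries to failed attempts, and nothing in this commit converts existing rows. Accounts written under the old scheme hold the configured allowance (the test used 3), so with the default `$tries = 3` they would get `WRONG_INPUT_EXCEEDED` on their next login; a data migration that resets `account_tries` to 0 looks necessary. The hard-coded default also stands in for the `SettingsEnum::LOGIN_TRIES` lookup removed from ApiController, so callers should pass the configured limit explicitly, and the docblock would be clearer as `@param int $tries Maximum failed login attempts before the account is locked`. The body of login() continues outside the hunk.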
@@ -198,7 +200,10 @@ final class AccountMapper extends DataMapperAbstract
 if (\password_verify($password, $result['account_password'] ?? '')) {
 $query->update('account')
- ->set(['account_lactive' => new \DateTime('now')])
+ ->set([
+ 'account_lactive' => new \DateTime('now'),
+ 'account_tries' => 0,
+ ])
 ->where('account_login', '=', $login)
 ->execute();
@@ -212,6 +217,7 @@ final class AccountMapper extends DataMapperAbstract
 ->set([
 'account_password_temp' => '',
 'account_lactive' => new \DateTime('now'),
+ 'account_tries' => 0,
 ])
 ->where('account_login', '=', $login)
 ->execute();
@@ -219,6 +225,14 @@ final class AccountMapper extends DataMapperAbstract
 return $result['account_id'];
 }
+ $query->update('account')
+ ->set([
+ 'account_lactive' => new \DateTime('now'),
+ 'account_tries' => $result['account_tries'] + 1,
+ ])
+ ->where('account_login', '=', $login)
+ ->execute();
+
 return LoginReturnType::WRONG_PASSWORD;
 } catch (\Exception $e) {
 return LoginReturnType::FAILURE; // @codeCoverageIgnore
diff --git a/tests/Models/AccountMapperTest.php b/tests/Models/AccountMapperTest.php
index ef1de74..c4a6d89 100755
--- a/tests/Models/AccountMapperTest.php
+++ b/tests/Models/AccountMapperTest.php
@@ -41,7 +41,7 @@ class AccountMapperTest extends \PHPUnit\Framework\TestCase
 $account->name1 = 'Donald';
 $account->name2 = 'Fauntleroy';
 $account->name3 = 'Duck';
- $account->setLoginTries(3);
+ $account->tries = 0;
 $account->setEmail('d.duck@duckburg.com');
 $account->setStatus(AccountStatus::ACTIVE);
 $account->setType(AccountType::USER);
@@ -59,7 +59,7 @@ class AccountMapperTest extends \PHPUnit\Framework\TestCase
 self::assertEquals($account->getStatus(), $accountR->getStatus());
 self::assertEquals($account->getType(), $accountR->getType());
 self::assertEquals($account->getEmail(), $accountR->getEmail());
- self::assertEquals($account->getLoginTries(), $accountR->getLoginTries());
+ self::assertEquals($account->tries, $accountR->tries);
 }
 /**
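Review bot: The failed-login branch added at the end of the try block stores `$result['account_tries'] + 1` computed from the value read by the earlier SELECT, so the counter update is a non-atomic read-modify-write. Wrong-password requests handled in parallel can all read the same value and write the same increment, which allows more guesses than `$tries` before the lockout takes effect. The increment should happen in the database itself (an `account_tries = account_tries + 1` expression in the UPDATE, if the query builder supports one) or inside a transaction that locks the row. Separately, the counter is reset only after a successful login while the limit is checked before the password is verified, so nothing visible here ever unlocks a locked account; an administrative reset or a time-based expiry would keep the lockout from becoming a lasting denial of service against known login names. The enclosing login() starts outside the hunk.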
@@ -109,12 +109,12 @@ class AccountMapperTest extends \PHPUnit\Framework\TestCase
 public function testInvalidLoginTries() : void
 {
 $accountR = AccountMapper::get(1);
- $accountR->setLoginTries(0);
+ $accountR->tries = 0;
 AccountMapper::update($accountR);
 self::assertEquals(LoginReturnType::WRONG_INPUT_EXCEEDED, AccountMapper::login($accountR->login, 'orange'));
- $accountR->setLoginTries(3);
+ $accountR->tries = 3;
 AccountMapper::update($accountR);
 }
diff --git a/tests/Models/AccountTest.php b/tests/Models/AccountTest.php
index afd4f6b..e6312ab 100755
--- a/tests/Models/AccountTest.php
+++ b/tests/Models/AccountTest.php
@@ -31,7 +31,7 @@ class AccountTest extends \PHPUnit\Framework\TestCase
 public function testDefault() : void
 {
 $account = new Account();
- self::assertEquals(0, $account->getLoginTries());
+ self::assertEquals(0, $account->tries);
 }
 /**
@@ -43,7 +43,7 @@ class AccountTest extends \PHPUnit\Framework\TestCase
 {
 $account = new Account();
- $account->setLoginTries(3);
- self::assertEquals(3, $account->getLoginTries());
+ $account->tries = 3;
+ self::assertEquals(3, $account->tries);
 }
 }
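Review bot: `testInvalidLoginTries` still sets the account to `tries = 0` and expects `WRONG_INPUT_EXCEEDED`, but under the new `account_tries >= $tries` check in `AccountMapper::login()` a counter of 0 is the unlocked state, so the lockout path does not appear to be what this test exercises. The two assignments look swapped: use `$accountR->tries = 3;` before the login call and `$accountR->tries = 0;` in the cleanup, otherwise the test also leaves account 1 at the lockout threshold for later tests. A companion test asserting that a wrong password increments the counter and a correct one resets it would cover the branches this commit adds.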