mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-08 09:06:29 +02:00
Code Issues Releases Wiki Activity

Only throttle login attempts that have wrong credentials

Browse Source
This commit is contained in:
Marco
2016-07-09 00:58:04 +02:00
parent 1979799480
commit a0c07b198c
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/Auth.php
View File

@@ -266,9 +266,6 @@ class Auth {
* @throws AuthError if an internal problem occurred (do *not* catch) * @throws AuthError if an internal problem occurred (do *not* catch)
*/ */
public function login($email, $password, $remember = false) { public function login($email, $password, $remember = false) {
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email);
$email = isset($email) ? trim($email) : null; $email = isset($email) ? trim($email) : null;
if (empty($email)) { if (empty($email)) {
throw new InvalidEmailException(); throw new InvalidEmailException();
@@ -308,10 +305,16 @@ class Auth {
} }
} }
else { else {
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email);
throw new InvalidPasswordException(); throw new InvalidPasswordException();
} }
} }
else { else {
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email);
throw new InvalidEmailException(); throw new InvalidEmailException();
} }
} }