public function login($username, $password, $remember = FALSE)
{
if (empty($password)) {
return FALSE;
}
$user = is_object($username) ? $username : $this->_load_user($username);
if (!$user->loaded()) {
return FALSE;
}
if (isset($this->_config['columns']['failed_attempts']) and isset($this->_config['columns']['last_attempt']) and count(Arr::get($this->_config, 'rate_limits', array()))) {
// rate limiting active
$attempt = 1 + (int) $this->_get_failed_attempts($user);
$last = isset($user->{$this->_config['columns']['last_attempt']}) ? $user->{$this->_config['columns']['last_attempt']} : NULL;
if ($attempt > 1 and !empty($last)) {
ksort($this->_config['rate_limits']);
foreach (array_reverse($this->_config['rate_limits'], TRUE) as $attempts => $time) {
if ($attempt > $attempts) {
if ($last + $time > time()) {
// user has to wait some more before being allowed to login again
throw new A1_Rate_Exception('Login not allowed. Rate limit active', $last + $time);
} else {
break;
}
}
}
}
}
return $this->check_password($user, $password) ? $this->complete_login($user, $remember) : $this->failed_login($user);
}