Cartalyst\Sentinel\Throttling\ThrottleRepositoryInterface::userDelay PHP Method

userDelay() public method

Returns the throttling delay for the given user, in seconds.
public userDelay ( Cartalyst\Sentinel\Users\UserInterface $user ) : integer
$user Cartalyst\Sentinel\Users\UserInterface
return integer
    public function userDelay(UserInterface $user);

Usage Example

 /**
  * Checks the throttling status of the given user.
  *
  * @param  string  $action
  * @param  \Cartalyst\Sentinel\Users\UserInterface|null  $user
  * @return bool
  */
 protected function checkThrottling($action, UserInterface $user = null)
 {
     // If we are just checking an existing logged in person, the global delay
     // shouldn't stop them being logged in at all. Only their IP address and
     // user a
     if ($action === 'login') {
         $globalDelay = $this->throttle->globalDelay();
         if ($globalDelay > 0) {
             $this->throwException("Too many unsuccessful attempts have been made globally, logins are locked for another [{$globalDelay}] second(s).", 'global', $globalDelay);
         }
     }
     // Suspicious activity from a single IP address will not only lock
     // logins but also any logged in users from that IP address. This
     // should deter a single hacker who may have guessed a password
     // within the configured throttling limit.
     if (isset($this->ipAddress)) {
         $ipDelay = $this->throttle->ipDelay($this->ipAddress);
         if ($ipDelay > 0) {
             $this->throwException("Suspicious activity has occured on your IP address and you have been denied access for another [{$ipDelay}] second(s).", 'ip', $ipDelay);
         }
     }
     // We will only suspend people logging into a user account. This will
     // leave the logged in user unaffected. Picture a famous person who's
     // account is being locked as they're logged in, purely because
     // others are trying to hack it.
     if ($action === 'login' && isset($user)) {
         $userDelay = $this->throttle->userDelay($user);
         if ($userDelay > 0) {
             $this->throwException("Too many unsuccessful login attempts have been made against your account. Please try again after another [{$userDelay}] second(s).", 'user', $userDelay);
         }
     }
     return true;
 }