public function login($params)
{
if (is_string($params)) {
$params = parse_params($params);
}
$check = $this->app->log_manager->get('no_cache=1&count=1&updated_at=[mt]1 min ago&is_system=y&rel_type=login_failed&user_ip=' . MW_USER_IP);
$url = $this->app->url->current(1);
if ($check == 5) {
$url_href = "<a href='{$url}' target='_blank'>{$url}</a>";
$this->app->log_manager->save('title=User IP ' . MW_USER_IP . ' is blocked for 1 minute for 5 failed logins.&content=Last login url was ' . $url_href . '&is_system=n&rel_type=login_failed&user_ip=' . MW_USER_IP);
}
if ($check > 5) {
$check = $check - 1;
return array('error' => 'There are ' . $check . ' failed login attempts from your IP in the last minute. Try again in 1 minute!');
}
$check2 = $this->app->log_manager->get('no_cache=1&is_system=y&count=1&created_at=[mt]10 min ago&updated_at=[lt]10 min&rel_type=login_failed&user_ip=' . MW_USER_IP);
if ($check2 > 25) {
return array('error' => 'There are ' . $check2 . ' failed login attempts from your IP in the last 10 minutes. You are blocked for 10 minutes!');
}
$login_captcha_enabled = get_option('login_captcha_enabled', 'users') == 'y';
if ($login_captcha_enabled) {
if (!isset($params['captcha'])) {
return array('error' => 'Please enter the captcha answer!');
} else {
$validate_captcha = $this->app->captcha->validate($params['captcha']);
if (!$validate_captcha) {
return array('error' => 'Invalid captcha answer!', 'captcha_error' => true);
}
}
}
$override = $this->app->event_manager->trigger('mw.user.before_login', $params);
$redirect_after = isset($params['redirect']) ? $params['redirect'] : false;
$overiden = false;
$return_resp = false;
if (is_array($override)) {
foreach ($override as $resp) {
if (isset($resp['error']) or isset($resp['success'])) {
$return_resp = $resp;
$overiden = true;
}
}
}
if ($overiden == true and $redirect_after != false) {
return $this->app->url_manager->redirect($redirect_after);
} elseif ($overiden == true) {
return $return_resp;
}
$old_sid = Session::getId();
if (isset($params['username'])) {
$ok = Auth::attempt(['username' => $params['username'], 'password' => $params['password']]);
if (!$ok) {
if ($params['username'] != false and filter_var($params['username'], FILTER_VALIDATE_EMAIL)) {
$ok = Auth::attempt(['email' => $params['username'], 'password' => $params['password']]);
}
}
} elseif (isset($params['email'])) {
$ok = Auth::attempt(['email' => $params['email'], 'password' => $params['password']]);
}
if (!isset($ok)) {
return;
}
if ($ok) {
$user = Auth::login(Auth::user());
$user_data = $this->get_by_id(Auth::user()->id);
$user_data['old_sid'] = $old_sid;
$this->app->event_manager->trigger('mw.user.login', $user_data);
if ($ok && $redirect_after) {
return $this->app->url_manager->redirect($redirect_after);
} elseif ($ok) {
return ['success' => 'You are logged in!'];
}
} else {
$this->login_set_failed_attempt();
}
return array('error' => 'Please enter right username and password!');
}