function check_login_ability($preauth = false)
{
$ip = jetpack_protect_get_ip();
/**
* Short-circuit check_login_ability.
*
* If there is an alternate way to validate the current IP such as
* a hard-coded list of IP addresses, we can short-circuit the rest
* of the login ability checks and return true here.
*
* @module protect
*
* @since 4.4.0
*
* @param bool false Should we allow all logins for the current ip? Default: false
*/
if (apply_filters('jpp_allow_login', false, $ip)) {
return true;
}
$headers = $this->get_headers();
$header_hash = md5(json_encode($headers));
$transient_name = 'jpp_li_' . $header_hash;
$transient_value = $this->get_transient($transient_name);
if (jetpack_protect_ip_is_private($ip)) {
return true;
}
if ($this->ip_is_whitelisted($ip)) {
return true;
}
// Check out our transients
if (isset($transient_value) && 'ok' == $transient_value['status']) {
return true;
}
if (isset($transient_value) && 'blocked' == $transient_value['status']) {
$this->block_with_math();
}
if (isset($transient_value) && 'blocked-hard' == $transient_value['status']) {
$this->kill_login();
}
// If we've reached this point, this means that the IP isn't cached.
// Now we check with the Protect API to see if we should allow login
$response = $this->protect_call($action = 'check_ip');
if (isset($response['math']) && !function_exists('brute_math_authenticate')) {
include_once dirname(__FILE__) . '/protect/math-fallback.php';
new Jetpack_Protect_Math_Authenticate();
return false;
}
if ('blocked' == $response['status']) {
$this->block_with_math();
}
if ('blocked-hard' == $response['status']) {
$this->kill_login();
}
return true;
}