Fix #1232 allow multiple auth attempts in a configured time
parent
3bccc9ff2d
commit
ecd8cd3ded
6 changed files with 41 additions and 6 deletions
|
|
@ -55,6 +55,8 @@ $lang->enable_confirm = 'Email Activation';
|
|||
$lang->enable_find_account_question = 'Account recovery using question/answer';
|
||||
$lang->enable_ssl = 'Enable SSL';
|
||||
$lang->msg_email_confirmation_required = 'A confirmation e-mail will be sent. Please check your email address carefully.';
|
||||
$lang->cmd_authmail_expires = 'Activation Email Expiry';
|
||||
$lang->about_authmail_expires = 'Activation emails and password reset emails can be set to expire after a certain time.';
|
||||
$lang->security_sign_in = 'Sign in using enhanced security';
|
||||
$lang->member_limited = 'Limited';
|
||||
$lang->limit_day = 'Temporary Limit Date';
|
||||
|
|
@ -225,7 +227,7 @@ $lang->about_emailhost_check = 'Empty value will allow almost all email account
|
|||
$lang->about_form_description = 'If you enter description in this form, it will be displayed on join form.';
|
||||
$lang->about_required = 'Check this to make it mandatory item when signing up.';
|
||||
$lang->about_enable_join = 'Please check this if you want to allow new members to sign up your site.';
|
||||
$lang->about_enable_confirm = 'Please check if you want new members to activate their accounts via their emails.';
|
||||
$lang->about_enable_confirm = 'An activation email will be sent to new members. They must click a link in the email to complete the sign up process.';
|
||||
$lang->about_enable_find_account_question = 'Check if you want to allow members to recover their accounts using a security question and answer.';
|
||||
$lang->about_enable_ssl = 'Personal information from Sign up/Modify Member Info/Sign in can be sent as SSL(https) mode if server provides SSL service.';
|
||||
$lang->about_limit_day = 'You can limit activation date after sign up';
|
||||
|
|
|
|||
|
|
@ -55,6 +55,8 @@ $lang->enable_confirm = '메일 인증 사용';
|
|||
$lang->enable_find_account_question = '질문/답변 인증 사용';
|
||||
$lang->enable_ssl = 'SSL 기능 사용';
|
||||
$lang->msg_email_confirmation_required = '인증 메일이 발송되니 정확하게 입력해 주시기 바랍니다.';
|
||||
$lang->cmd_authmail_expires = '인증 메일 유효기간';
|
||||
$lang->about_authmail_expires = '가입 인증 메일, 아이디/비번 찾기 등의 유효기간을 제한할 수 있습니다.';
|
||||
$lang->security_sign_in = '보안로그인 사용';
|
||||
$lang->member_limited = '임시 제한';
|
||||
$lang->limit_day = '임시 제한 일자';
|
||||
|
|
@ -233,7 +235,7 @@ $lang->about_emailhost_check = '입력한 호스트네임이 없으면, 이 기
|
|||
$lang->about_form_description = '설명란에 입력을 하면 가입시 표시가 됩니다.';
|
||||
$lang->about_required = '체크하면 회원가입시 필수항목으로 입력하도록 됩니다.';
|
||||
$lang->about_enable_join = '체크하면 회원가입을 할 수 있습니다.';
|
||||
$lang->about_enable_confirm = '입력된 메일 주소로 인증 메일을 보내 회원 가입을 확인합니다. 가입자가 인증메일을 통해 인증절차를 완료해야만 정상적으로 로그인이 가능해집니다.';
|
||||
$lang->about_enable_confirm = '입력된 메일 주소로 인증 메일을 보내 회원 가입을 확인합니다. 가입자가 인증 메일의 링크를 클릭해야 정상적으로 로그인이 가능해집니다.';
|
||||
$lang->about_enable_find_account_question = '질문/답변을 통한 비밀번호 찾기를 허용합니다. 허용하지 않을 경우 메일을 통한 비밀번호 리셋만 허용됩니다.';
|
||||
$lang->about_enable_ssl = '서버에서 보안접속(SSL) 지원이 될 경우 회원가입, 정보수정, 로그인 등의 개인정보가 서버로 보내질 때 SSL(https)을 이용하도록 할 수 있습니다.';
|
||||
$lang->about_limit_day = '회원 가입 후 정해진 일자동안 인증 제한을 할 수 있습니다.';
|
||||
|
|
|
|||
|
|
@ -195,6 +195,8 @@ class memberAdminController extends member
|
|||
$args = Context::gets(
|
||||
'enable_join',
|
||||
'enable_confirm',
|
||||
'authmail_expires',
|
||||
'authmail_expires_unit',
|
||||
'password_strength',
|
||||
'password_hashing_algorithm',
|
||||
'password_hashing_work_factor',
|
||||
|
|
@ -205,6 +207,17 @@ class memberAdminController extends member
|
|||
'member_profile_view'
|
||||
);
|
||||
|
||||
$args->authmail_expires = max(0, intval($args->authmail_expires));
|
||||
if(!$args->authmail_expires)
|
||||
{
|
||||
$args->authmail_expires = 1;
|
||||
}
|
||||
$args->authmail_expires_unit = intval($args->authmail_expires_unit);
|
||||
if(!in_array($args->authmail_expires_unit, [1, 60, 3600, 86400]))
|
||||
{
|
||||
$args->authmail_expires_unit = 86400;
|
||||
}
|
||||
|
||||
if(!array_key_exists($args->password_hashing_algorithm, Rhymix\Framework\Password::getSupportedAlgorithms()))
|
||||
{
|
||||
$args->password_hashing_algorithm = 'md5';
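Review bot: `authmail_expires` is clamped only at the low end (`max(0, intval(...))`, then 0 becomes 1), so the lifetime of activation and password-reset links has no ceiling. A very large count with the day unit makes the later product `authmail_expires * authmail_expires_unit` exceed integer range, and the expiry comparison in the controller would then presumably never trigger. Consider capping the value once both fields are normalised, e.g. `$args->authmail_expires = min($args->authmail_expires, intdiv($maxLifetime, $args->authmail_expires_unit));`, where `$maxLifetime` is a placeholder for a project-chosen limit in seconds. Passing `true` as the third argument of `in_array()` would make the unit whitelist strict, although the preceding `intval()` already keeps it safe. The enclosing method starts and ends outside the hunk.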
|
||||
|
|
|
|||
|
|
@ -69,6 +69,8 @@ class member extends ModuleObject {
|
|||
if(!$config->profile_image_max_width) $config->profile_image_max_width = '90';
|
||||
if(!$config->profile_image_max_height) $config->profile_image_max_height = '90';
|
||||
if($config->group_image_mark!='Y') $config->group_image_mark = 'N';
|
||||
if(!$config->authmail_expires) $config->authmail_expires = 3;
|
||||
if(!$config->authmail_expires_unit) $config->authmail_expires_unit = 86400;
|
||||
if(!$config->password_strength) $config->password_strength = 'normal';
|
||||
|
||||
if(!$config->password_hashing_algorithm)
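Review bot: The default added here (3 with unit 86400, i.e. three days) disagrees with the other fallbacks in this commit: the controller uses `?: 86400` when the product is zero, the admin controller turns an empty value into 1, and the template prints `?: 1`. The enclosing function is outside the hunk, so it is not visible whether these defaults are applied on every configuration read; if they are not, upgraded sites without the new keys would silently drop from the previous hard-coded three days to one day. Using a single shared default, for example changing the controller fallback to `?: (86400 * 3)`, would keep the old behaviour for existing installations.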
|
||||
|
|
|
|||
|
|
@ -1660,7 +1660,8 @@ class memberController extends member
|
|||
function procMemberAuthAccount()
|
||||
{
|
||||
$oMemberModel = getModel('member');
|
||||
|
||||
$config = $oMemberModel->getMemberConfig();
|
||||
|
||||
// Test user_id and authkey
|
||||
$member_srl = Context::get('member_srl');
|
||||
$auth_key = Context::get('auth_key');
|
||||
|
|
@ -1692,7 +1693,8 @@ class memberController extends member
|
|||
throw new Rhymix\Framework\Exception('msg_invalid_auth_key');
|
||||
}
|
||||
|
||||
if(ztime($output->data->regdate) < time() - (86400 * 3))
|
||||
$expires = (intval($config->authmail_expires) * intval($config->authmail_expires_unit)) ?: 86400;
|
||||
if(ztime($output->data->regdate) < time() - $expires)
|
||||
{
|
||||
executeQuery('member.deleteAuthMail', $args);
|
||||
throw new Rhymix\Framework\Exception('msg_expired_auth_key');
|
||||
|
|
@ -1717,8 +1719,9 @@ class memberController extends member
|
|||
return $output;
|
||||
}
|
||||
|
||||
// Remove all values having the member_srl from authentication table
|
||||
executeQuery('member.deleteAuthMail',$args);
|
||||
// 인증 정보를 여기서 삭제하지 않고 로그인 시점에 삭제되도록 함
|
||||
// https://github.com/rhymix/rhymix/issues/1232
|
||||
// executeQuery('member.deleteAuthMail', $args);
|
||||
|
||||
$this->_clearMemberCache($args->member_srl);
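Review bot: With the `member.deleteAuthMail` call commented out near the end of `procMemberAuthAccount()`, a successfully used auth key stays valid, so the same link can be replayed until it expires or until the login-time cleanup mentioned in the comment runs. That cleanup is not among the visible hunks; confirm it exists and also covers password-reset keys, since `about_authmail_expires` states that the same lifetime applies to them. If repeated requests must be tolerated (issue #1232), consider marking the key as consumed and making a repeat visit a no-op that only shows the result page, rather than re-running the account change. The dead line `// executeQuery('member.deleteAuthMail', $args);` should be dropped, and the explanation would fit the surrounding English comments better as `// Keep the auth record here; it is removed at login time (#1232).` The function body starts and continues outside these hunks.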
|
||||
|
||||
|
|
|
|||
|
|
@ -20,6 +20,19 @@
|
|||
<p class="x_help-block">{$lang->about_enable_confirm}</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="x_control-group">
|
||||
<label class="x_control-label">{$lang->cmd_authmail_expires}</label>
|
||||
<div class="x_controls">
|
||||
<input type="number" name="authmail_expires" value="{$config->authmail_expires ?: 1}" />
|
||||
<select name="authmail_expires_unit" style="width:auto;min-width:0">
|
||||
<option value="86400" selected="selected"|cond="$config->authmail_expires_unit == 86400">{$lang->unit_day}</option>
|
||||
<option value="3600" selected="selected"|cond="$config->authmail_expires_unit == 3600">{$lang->unit_hour}</option>
|
||||
<option value="60" selected="selected"|cond="$config->authmail_expires_unit == 60">{$lang->unit_min}</option>
|
||||
<option value="1" selected="selected"|cond="$config->authmail_expires_unit == 1">{$lang->unit_sec}</option>
|
||||
</select>
|
||||
<p class="x_help-block">{$lang->about_authmail_expires}</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="x_control-group">
|
||||
<div class="x_control-label">{$lang->cmd_member_profile_view}</div>
|
||||
<div class="x_controls">
|
||||
|
|
|
|||