RdbAdmin Module

UserLoginsDb extends BaseModel
in package

User logins DB model.

Working on track login sessions including device cookie for prevent brute-force attack.

Tags
author

mr.v

Table of Contents

Properties

$allowedSort  : array<string|int, mixed>
$dcLockoutListResult  : array<string|int, mixed>|null
$tableName  : string
$userLoginsResult  : array<string|int, mixed>|null

Methods

__construct()  : mixed
Class constructor
__get()  : mixed
Magic __get
dcCountFailedAttemptInPeriod()  : int
Count the number of failed authentication within time period from both device cookie or untrusted clients.
dcIsInLockoutList()  : bool
Check if current user is in lockout list.
dcLockoutUser()  : mixed
Lockout the client from enter the credential for `user_id`.
delete()  : bool
Delete user logins.
generateSessionKey()  : string
Generate session key that must NOT duplicate with any session key for certain user.
isUserLoggedIn()  : bool|int
Check if user is logged in.
listItems()  : array<string|int, mixed>
List user logins.
recordLogins()  : mixed
Record login attempts.

Properties

$allowedSort

protected array<string|int, mixed> $allowedSort = ['userlogin_id', 'user_id', 'userlogin_session_key', 'userlogin_ua', 'userlogin_ip', 'userlogin_date', 'userlogin_date_gmt', 'userlogin_dc_sign', 'userlogin_dc_lockout', 'userlogin_dc_lockout_until', 'userlogin_dc_lockout_until_gmt', 'userlogin_result', 'userlogin_result_text', 'userlogin_result_text_data']

Allowed sort columns in db.

$dcLockoutListResult

protected array<string|int, mixed>|null $dcLockoutListResult

The result that have got from called to dcIsInLockoutList() method.

$tableName

protected string $tableName

Table name that already added prefix.

$userLoginsResult

protected array<string|int, mixed>|null $userLoginsResult

User logins results data.

Methods

__construct()

Class constructor

public __construct(Container $Container) : mixed
Parameters
$Container : Container
Tags
inheritDoc

__get()

Magic __get

public __get(mixed $name) : mixed
Parameters
$name : mixed

dcCountFailedAttemptInPeriod()

Count the number of failed authentication within time period from both device cookie or untrusted clients.

public dcCountFailedAttemptInPeriod(int $timePeriod[, array<string|int, mixed> $where = [] ]) : int
Parameters
$timePeriod : int

The time period in minutes.

$where : array<string|int, mixed> = []

The associative array where key is field.

Return values
int

Return total number of failed authentication counted.

dcIsInLockoutList()

Check if current user is in lockout list.

public dcIsInLockoutList([string $user_login_email = null ][, string $userlogin_dc_sign = null ]) : bool

If device cookie signature is specified, then it will check for specific device cookie.
If device cookie is null then it will check for untrusted clients.
After you called to this method, you can access its value via dcLockoutListResult property.

Parameters
$user_login_email : string = null

The input login identity (username or email depend on how system use it).

$userlogin_dc_sign : string = null

The device cookie signature.

Return values
bool

Return true if it is in lockout list, false if it is not.

dcLockoutUser()

Lockout the client from enter the credential for `user_id`.

public dcLockoutUser(int $timePeriod, array<string|int, mixed> $data, array<string|int, mixed> $where) : mixed

This will be lockout both device cookie or untrusted clients depend on who is trying to login with wrong credentials.

Parameters
$timePeriod : int

The time period in minutes.

$data : array<string|int, mixed>

The data to update.

$where : array<string|int, mixed>

The sql where conditions.

delete()

Delete user logins.

public delete([array<string|int, mixed> $where = [] ]) : bool
Parameters
$where : array<string|int, mixed> = []

The condition to delete.

Return values
bool

Return true on success, false for otherwise.

generateSessionKey()

Generate session key that must NOT duplicate with any session key for certain user.

public generateSessionKey(int $user_id) : string

This method should be called once check login success.
This method did not update, insert the session key to DB.

Parameters
$user_id : int

The user id to check.

Return values
string

Return generated session key.

isUserLoggedIn()

Check if user is logged in.

public isUserLoggedIn(int $user_id[, array<string|int, mixed> $where = [] ]) : bool|int

If result is passed (true or number of sessions), you can access its data via userLoginsResult property.

Parameters
$user_id : int

The user ID.

$where : array<string|int, mixed> = []

The associative array where key is db column to check and value is its value that must be matched in the db value.

Return values
bool|int

Return false if not logged in or check failed,
Return true if logged in or check passed and there is only 1 login session,
Return number (int) of login sessions if there are more than 1 sessions that logged in.

listItems()

List user logins.

public listItems([array<string|int, mixed> $options = [] ]) : array<string|int, mixed>
Parameters
$options : array<string|int, mixed> = []

The associative array options. Available options keys:
search (string) the search term,
where (array) the where conditions where key is column name and value is its value,
sortOrders (array) the sort order where sort key is column name, order key is mysql order (ASC, DESC),
unlimited (bool) set to true to show unlimited items, unset or set to false to show limited items,
limit (int) limit items per page. maximum is 100,
offset (int) offset or start at record. 0 is first record,

Return values
array<string|int, mixed>

Return associative array with total and items in keys.

recordLogins()

Record login attempts.

public recordLogins(array<string|int, mixed> $data) : mixed
Parameters
$data : array<string|int, mixed>

Associative array where key is matched table field. The required keys are user_id, userlogin_result.
If userlogin_result is 0 then userlogin_result_text key is required.
The userlogin_result_text key should NOT be translated but will be able to translated later.
So, if userlogin_result_text key contains some replacement string such as %s then it should be as is raw data without replace anything.
To keep replace data, add them into userlogin_result_text_data key.
It will be replace and translate later on display logins page.
Example: $data['userlogin_result_text'] = 'Your account has been disabled since %s.';
$data['userlogin_result_text_data'] = serialize([date('Y-m-d H:i:s')]);

Tags
throws
InvalidArgumentException
Return values
mixed

Return the inserted ID on success, false on failure.


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results