⚠️ This repo is no longer being maintained.
Yii2 Login Attempts Behavior
Store login failures, and disable after multiple failures., (*1)
Installation
The preferred way to install this extension is through composer., (*2)
Either run, (*3)
composer require ethercreative/yii2-login-attempts-behavior
or add, (*4)
"ethercreative/yii2-login-attempts-behavior": "*"
to the require section of your composer.json
file., (*5)
Usage
Run the following migration, (*6)
php yii migrate --migrationPath="vendor/ethercreative/yii2-login-attempts-behavior/src/migrations" --interactive=0
Add the behavior to your login model., (*7)
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors[] = [
'class' => '\ethercreative\loginattempts\LoginAttemptBehavior',
// Amount of attempts in the given time period
'attempts' => 3,
// the duration, for a regular failure to be stored for
// resets on new failure
'duration' => 300,
// the unit to use for the duration
'durationUnit' = 'second',
// the duration, to disable login after exceeding `attemps`
'disableDuration' => 900,
// the unit to use for the disable duration
'disableDurationUnit' => 'second',
// the attribute used as the key in the database
// and add errors to
'usernameAttribute' => 'email',
// the attribute to check for errors
'passwordAttribute' => 'password',
// the validation message to return to `usernameAttribute`
'message' => 'Login disabled',
];
return $behaviors;
}
Todo
- [ ] Add cache storage
- [ ] Add better DB support
- [ ] Add option for IP (other?) instead of key
- [ ] Add failure delay option
- [ ] More customisable