ethercreative / yii2-login-attempts-behavior
Disable login after multiple failures.
Installs: 3 370
Dependents: 0
Suggesters: 0
Security: 0
Stars: 10
Watchers: 5
Forks: 8
Open Issues: 2
Requires
- yiisoft/yii2: *
This package is not auto-updated.
Last update: 2024-04-28 02:33:00 UTC
README
Yii2 Login Attempts Behavior
Store login failures, and disable after multiple failures.
Installation
The preferred way to install this extension is through composer.
Either run
composer require ethercreative/yii2-login-attempts-behavior
or add
"ethercreative/yii2-login-attempts-behavior": "*"
to the require section of your composer.json file.
Usage
Run the following migration
php yii migrate --migrationPath="vendor/ethercreative/yii2-login-attempts-behavior/src/migrations" --interactive=0
Add the behavior to your login model.
public function behaviors() { $behaviors = parent::behaviors(); $behaviors[] = [ 'class' => '\ethercreative\loginattempts\LoginAttemptBehavior', // Amount of attempts in the given time period 'attempts' => 3, // the duration, for a regular failure to be stored for // resets on new failure 'duration' => 300, // the unit to use for the duration 'durationUnit' = 'second', // the duration, to disable login after exceeding `attemps` 'disableDuration' => 900, // the unit to use for the disable duration 'disableDurationUnit' => 'second', // the attribute used as the key in the database // and add errors to 'usernameAttribute' => 'email', // the attribute to check for errors 'passwordAttribute' => 'password', // the validation message to return to `usernameAttribute` 'message' => 'Login disabled', ]; return $behaviors; }
Todo
- Add cache storage
- Add better DB support
- Add option for IP (other?) instead of key
- Add failure delay option
- More customisable