ognyk/yii2-login-blocker

Block/ban login for few minutes after 3 wrong login times.

Maintainers

Details

github.com/ognyk/yii2-login-blocker

Source

Issues

Installs: 525

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 0

Open Issues: 0

Type:yii2-extension

1.3.0 2017-11-15 18:31 UTC

Requires

MIT d8498f20e4c77736ec18c4a893ea03abb4bd46f2

  • Bartosz Lewandowski <ognyk.github.woop@gmail.com>

loginblockyii2ban

This package is not auto-updated.

Last update: 2024-04-28 02:05:57 UTC

README

Latest Stable Version Total Downloads License

Block/ban login for few minutes after 3 wrong login times.

Installation

The preferred way to install this extension is through Composer.

Either run

php composer.phar require --prefer-dist ognyk/yii2-login-blocker

or add

"ognyk/yii2-login-blocker": "*"

to the require section of your composer.json file.

Usage

  1. Add loginBlocker component to your Yii2 configuration like this:

    'components' => [
    'loginBlocker' => [
        'class' => '\ognyk\loginblocker\LoginBlocker'
    ]
]

  2. Methods loginBlocker:

    /* Check if user can login */
\Yii::$app->loginBlocker->check();

/* Increment counter when wrong login or password */
\Yii::$app->loginBlocker->block();

  3. Use loginBlocker:

    if (!\Yii::$app->loginBlocker->check()) {
    return ['error' => 'time_block'];
}

if ($model->login()) {
    // ... good action here
} else {
    \Yii::$app->loginBlocker->block();
    
    return ['error' => 'wrong_credentials'];
}

Advanced config

  1. More parameters:

    'components' => [
    'loginBlocker' => [
        'class' => '\ognyk\loginblocker\LoginBlocker',
        'time' => 300,              // Time to block/ban user in seconds (default 300 sec)
        'wrong_login_number' => 3,  // Number of wrong attempts (default 3 times)
    ]
]

  2. Notification of block/ban by e-mail:

    To use notification by e-mail configure \Yii::$app->mailer.

    All parameters without mails are optional.

    'components' => [
    'loginBlocker' => [
        'class' => '\ognyk\loginblocker\LoginBlocker',
        'mail' => [
            'subject' => 'New subject with user IP {ip}',
            'content' => 'User IP {ip}<br>Date: {date}<b>{params}',
            'sender' => [
                'name' => 'Cezar II',
                'mail' => 'mail@mail.com',
            ],
            'mails' => [
                'admin1@mail.com',
                'admin2@mail.com',
                'admin3@mail.com',
            ],
        ]
    ]
]

  3. More information from login action:

    You can pass custom params to your alert e-mail.

    $params = [
    'Username' => 'Cezar V',
    'Server' => 'torr-2378-45'
];

\Yii::$app->loginBlocker->check($params)

  4. Insert result to database:

    To use database configure \Yii::$app->db.

    You can easily add custom parameters f.e. {params.Username} or {params.Server}.

    Example of database table you can find in migrations folder.

    'components' => [
    'loginBlocker' => [
        'class' => '\ognyk\loginblocker\LoginBlocker',
        'database' => [
            'name' => 'Login_blocker',
            'columns' =>  [
                'ip' => '{ip}',
                'created_datetime' => '{date}',
                'username' => '{params.Username}', // More parameters from point 3
            ]
        ]
    ]
]