Beispiel #1
/*
 * Validates one field of the login form and records the outcome on the model.
 *
 * Returns true when the field is acceptable:
 *  - RememberMeField is always accepted.
 *  - LoginNameField is accepted when a user with that login name is found.
 *  - PasswordField is accepted when verifyPassword() reports PasswordValid
 *    for the user found by login name.
 *  - Any other field returns false.
 *
 * Side effects visible here: setValid()/setValidation()/setValidated() calls
 * on the field, updates of throttlingDelay_, and one LOG_SECURE entry when a
 * login attempt is throttled.
 *
 * NOTE(review): an unknown login name and a wrong password produce different
 * message keys ("Wt.Auth.user-name-invalid" vs "Wt.Auth.password-invalid"),
 * and validating LoginNameField alone returns false for an unknown name, so a
 * client of this model can tell whether an account exists. Confirm that this
 * is acceptable for the deployment, or have the view present one uniform
 * failure message.
 */
bool AuthModel::validateField(Field field)
{
  if (field == RememberMeField)
    return true;

  // The lookup is done for every remaining field, before the field is
  // inspected, exactly as the password branch needs the same user object.
  User user = users().findWithIdentity(Identity::LoginName,
                                       valueText(LoginNameField));

  if (field == LoginNameField) {
    const bool known = user.isValid();

    if (!known) {
      setValidation(LoginNameField,
                    WValidator::Result(
                      ValidationState::Invalid,
                      WString::tr("Wt.Auth.user-name-invalid")));

      // No user, hence no per-user delay to report.
      throttlingDelay_ = 0;
    } else {
      setValid(LoginNameField);
    }

    return known;
  }

  if (field != PasswordField)
    return false;

  // Without a matching user there is nothing to verify the password against;
  // the password field's validation state is left untouched in that case.
  if (!user.isValid())
    return false;

  const PasswordResult outcome
    = passwordAuth()->verifyPassword(user, valueText(PasswordField));

  if (outcome == PasswordResult::PasswordValid) {
    setValid(PasswordField);
    return true;
  }

  if (outcome == PasswordResult::PasswordInvalid) {
    setValidation(PasswordField,
                  WValidator::Result(
                    ValidationState::Invalid,
                    WString::tr("Wt.Auth.password-invalid")));

    // The delay is refreshed only when attempt throttling is switched on;
    // otherwise throttlingDelay_ keeps whatever value it already had.
    if (passwordAuth()->attemptThrottlingEnabled())
      throttlingDelay_ = passwordAuth()->delayForNextAttempt(user);

    return false;
  }

  if (outcome == PasswordResult::LoginThrottling) {
    setValidation(PasswordField,
                  WValidator::Result(
                    ValidationState::Invalid,
                    WString::tr("Wt.Auth.password-info")));
    // Presumably clears the validated flag so the throttling notice is not
    // treated as a checked password - TODO confirm against setValidated().
    setValidated(PasswordField, false);

    throttlingDelay_ = passwordAuth()->delayForNextAttempt(user);
    // Security log entry: the delay in seconds and the account's login name.
    LOG_SECURE("throttling: " << throttlingDelay_
               << " seconds for " << user.identity(Identity::LoginName));

    return false;
  }

  /* not reached for the three PasswordResult values handled above */
  return false;
}
Beispiel #2
/*
 * Stores a validation result for a field that is part of the model and marks
 * that field as validated.
 *
 * field:  the field whose validation result is replaced.
 * result: the result to store; it is copied into the field's entry.
 *
 * A field that is not in fields_ is not added: the call only logs an error
 * and leaves the model unchanged.
 */
void WFormModel::setValidation(Field field,
                               const WValidator::Result& result)
{
  const FieldMap::iterator entry = fields_.find(field);

  if (entry == fields_.end()) {
    LOG_ERROR("setValidation(): " << field << " not in model");
    return;
  }

  entry->second.validation = result;
  setValidated(field, true);
}