‪TYPO3CMS  11.5
Public Member Functions | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification Class Reference
Inheritance diagram for TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification:
TYPO3\CMS\Core\Log\LogDataTrait

Public Member Functions

 __construct (string $notificationRecipientEmailAddress=null, int $warningPeriod=3600, int $failedLoginAttemptsThreshold=3)
 
bool sendEmailOnLoginFailures (array $params, AbstractUserAuthentication $user)
 

Protected Member Functions

array getLoginFailures (int $earliestTimeToCheckForFailures)
 
 sendLoginAttemptEmail (array $previousFailures)
 
QueryBuilder createPreparedQueryBuilder (int $earliestLogDate, int $loginAction)
 
- ‪Protected Member Functions inherited from ‪TYPO3\CMS\Core\Log\LogDataTrait
array null unserializeLogData ($logData)
 
string formatLogDetails (string $detailString, $substitutes)
 

Protected Attributes

string $notificationRecipientEmailAddress
 
int $warningPeriod
 
int $failedLoginAttemptsThreshold
 

Additional Inherited Members

- ‪Static Protected Member Functions inherited from ‪TYPO3\CMS\Core\Log\LogDataTrait
static formatLogDetailsStatic (string $detailString, array $substitutes)
 

Detailed Description

Sends out an email for failed logins in TYPO3 Backend when a certain threshold of failed logins during a certain timeframe has happened.

Relevant settings: $GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr']

this class is not part of the TYPO3 Core API as this is a concrete hook implementation

Definition at line 44 of file FailedLoginAttemptNotification.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::__construct ( string  $notificationRecipientEmailAddress = null,
int  $warningPeriod = 3600,
int  $failedLoginAttemptsThreshold = 3 
)

Definition at line 63 of file FailedLoginAttemptNotification.php.

References TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\$failedLoginAttemptsThreshold, $GLOBALS, TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\$notificationRecipientEmailAddress, and TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\$warningPeriod.

Member Function Documentation

◆ createPreparedQueryBuilder()

QueryBuilder TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::createPreparedQueryBuilder ( int  $earliestLogDate,
int  $loginAction 
)
protected
Parameters
int$earliestLogDate
int$loginAction
Returns
‪QueryBuilder

Definition at line 176 of file FailedLoginAttemptNotification.php.

References TYPO3\CMS\Core\Database\Connection\PARAM_INT.

Referenced by TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\getLoginFailures().

◆ getLoginFailures()

array TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::getLoginFailures ( int  $earliestTimeToCheckForFailures)
protected

Retrieves all failed logins within a given timeframe until now.

Parameters
int$earliestTimeToCheckForFailures‪A UNIX timestamp that acts as the "earliest" date to check within the logs
Returns
‪array a list of sys_log entries since the earliest, or empty if no entries have been logged

Definition at line 115 of file FailedLoginAttemptNotification.php.

References TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\createPreparedQueryBuilder().

Referenced by TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\sendEmailOnLoginFailures().

◆ sendEmailOnLoginFailures()

bool TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::sendEmailOnLoginFailures ( array  $params,
AbstractUserAuthentication  $user 
)

Sends a warning email if there has been a certain amount of failed logins during a period. If a login fails, this function is called. It will look up the sys_log to see if there have been more than $failedLoginAttemptsThreshold failed logins the last X seconds (default 3600, see $warningPeriod). If so, an email with a warning is sent.

Parameters
array$params‪always empty in this hook
AbstractUserAuthentication$user‪the referenced user where the hook is called.
Returns
‪bool always returns true to ensure "sleep" functionality of AbstractUserAuthentication is kept.

Definition at line 80 of file FailedLoginAttemptNotification.php.

References $GLOBALS, TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\$warningPeriod, TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\getLoginFailures(), TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\sendLoginAttemptEmail(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writelog().

◆ sendLoginAttemptEmail()

TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::sendLoginAttemptEmail ( array  $previousFailures)
protected

Sends out an email if the number of attempts have exceeded a limit.

Parameters
array$previousFailures‪sys_log entries that have been logged since the last time a notification was sent

Definition at line 142 of file FailedLoginAttemptNotification.php.

References $GLOBALS, and TYPO3\CMS\Core\Log\LogDataTrait\formatLogDetails().

Referenced by TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\sendEmailOnLoginFailures().

Member Data Documentation

◆ $failedLoginAttemptsThreshold

int TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::$failedLoginAttemptsThreshold
protected

The maximum accepted number of warnings before an email to $notificationRecipientEmailAddress is sent

Definition at line 61 of file FailedLoginAttemptNotification.php.

Referenced by TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\__construct().

◆ $notificationRecipientEmailAddress

string TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::$notificationRecipientEmailAddress
protected

The receiver of the notification

Definition at line 50 of file FailedLoginAttemptNotification.php.

Referenced by TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\__construct().

◆ $warningPeriod

int TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification::$warningPeriod
protected

Time span (in seconds) within the number of failed logins are collected. Number of sections back in time to check. This is a kind of limit for how many failures an hour.

Definition at line 56 of file FailedLoginAttemptNotification.php.

Referenced by TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\__construct(), and TYPO3\CMS\Backend\Security\FailedLoginAttemptNotification\sendEmailOnLoginFailures().