FailedLoginAttemptNotification uses LogDataTrait

Sends out an email for failed logins in TYPO3 Backend when a certain threshold of failed logins during a certain timeframe has happened.

Relevant settings: $GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr']

Internal

this class is not part of the TYPO3 Core API as this is a concrete hook implementation

Table of Contents

Properties

$failedLoginAttemptsThreshold  : int
The maximum accepted number of warnings before an email to $notificationRecipientEmailAddress is sent
$notificationRecipientEmailAddress  : string
The receiver of the notification
$warningPeriod  : int
Time span (in seconds) within the number of failed logins are collected.

Methods

__construct()  : mixed
sendEmailOnLoginFailures()  : bool
Sends a warning email if there has been a certain amount of failed logins during a period.
createPreparedQueryBuilder()  : QueryBuilder
formatLogDetails()  : string
Replaces a string with placeholders (%s or {myPlaceholder}) with its substitutes.
formatLogDetailsStatic()  : string
Static version for ViewHelpers etc.
getLoginFailures()  : array<string|int, mixed>
Retrieves all failed logins within a given timeframe until now.
sendLoginAttemptEmail()  : void
Sends out an email if the number of attempts have exceeded a limit.
unserializeLogData()  : array<string|int, mixed>|null
Useful for handling old serialized data, which might have been migrated to JSON encoded properties already.

Properties

$failedLoginAttemptsThreshold

The maximum accepted number of warnings before an email to $notificationRecipientEmailAddress is sent

protected int $failedLoginAttemptsThreshold

$notificationRecipientEmailAddress

The receiver of the notification

protected string $notificationRecipientEmailAddress

$warningPeriod

Time span (in seconds) within the number of failed logins are collected.

protected int $warningPeriod

Number of sections back in time to check. This is a kind of limit for how many failures an hour.

Methods

__construct()

public __construct([string|null $notificationRecipientEmailAddress = null ][, int $warningPeriod = 3600 ][, int $failedLoginAttemptsThreshold = 3 ]) : mixed
Parameters
$notificationRecipientEmailAddress : string|null = null
$warningPeriod : int = 3600
$failedLoginAttemptsThreshold : int = 3

sendEmailOnLoginFailures()

Sends a warning email if there has been a certain amount of failed logins during a period.

public sendEmailOnLoginFailures(array<string|int, mixed> $params, AbstractUserAuthentication $user) : bool

If a login fails, this function is called. It will look up the sys_log to see if there have been more than $failedLoginAttemptsThreshold failed logins the last X seconds (default 3600, see $warningPeriod). If so, an email with a warning is sent.

Parameters
$params : array<string|int, mixed>

always empty in this hook

$user : AbstractUserAuthentication

the referenced user where the hook is called.

Return values
bool

always returns true to ensure "sleep" functionality of AbstractUserAuthentication is kept.

createPreparedQueryBuilder()

protected createPreparedQueryBuilder(int $earliestLogDate, int $loginAction) : QueryBuilder
Parameters
$earliestLogDate : int
$loginAction : int
Return values
QueryBuilder

formatLogDetails()

Replaces a string with placeholders (%s or {myPlaceholder}) with its substitutes.

protected formatLogDetails(string $detailString, mixed $substitutes) : string
Parameters
$detailString : string
$substitutes : mixed
Return values
string

formatLogDetailsStatic()

Static version for ViewHelpers etc.

protected static formatLogDetailsStatic(string $detailString, array<string|int, mixed> $substitutes) : string

Replaces a string with placeholders (%s or {myPlaceholder}) with its substitutes.

Parameters
$detailString : string
$substitutes : array<string|int, mixed>
Return values
string

getLoginFailures()

Retrieves all failed logins within a given timeframe until now.

protected getLoginFailures(int $earliestTimeToCheckForFailures) : array<string|int, mixed>
Parameters
$earliestTimeToCheckForFailures : int

A UNIX timestamp that acts as the "earliest" date to check within the logs

Return values
array<string|int, mixed>

a list of sys_log entries since the earliest, or empty if no entries have been logged

sendLoginAttemptEmail()

Sends out an email if the number of attempts have exceeded a limit.

protected sendLoginAttemptEmail(array<string|int, mixed> $previousFailures) : void
Parameters
$previousFailures : array<string|int, mixed>

sys_log entries that have been logged since the last time a notification was sent

unserializeLogData()

Useful for handling old serialized data, which might have been migrated to JSON encoded properties already.

protected unserializeLogData(mixed $logData) : array<string|int, mixed>|null
Parameters
$logData : mixed
Return values
array<string|int, mixed>|null 

        

        
    




    

    

                            

            

                            
    

        On this page

        
    


            

                    

        

    

        

            
Search results