src/user/auth.js

'use strict';

var async = require('async'),
	db = require('../database'),
	meta = require('../meta'),
	events = require('../events');

module.exports = function(User) {
	User.auth = {};

	User.auth.logAttempt = function(uid, callback) {
		db.exists('lockout:' + uid, function(err, exists) {
			if (err) {
				return callback(err);
			}

			if (exists) {
				return callback(new Error('[[error:account-locked]]'));
			}

			db.increment('loginAttempts:' + uid, function(err, attempts) {
				if (err) {
					return callback(err);
				}

				if ((meta.config.loginAttempts || 5) < attempts) {
					// Lock out the account
					db.set('lockout:' + uid, '', function(err) {
						if (err) {
							return callback(err);
						}
						var duration = 1000 * 60 * (meta.config.lockoutDuration || 60);
						
						db.delete('loginAttempts:' + uid);
						db.pexpire('lockout:' + uid, duration);

						events.logAccountLock(uid, duration);
						callback(new Error('account-locked'));
					});
				} else {
					db.pexpire('loginAttempts:' + uid, 1000 * 60 * 60);
					callback();
				}
			});
		});
	};

	User.auth.clearLoginAttempts = function(uid) {
		db.delete('loginAttempts:' + uid);
	};

	User.auth.resetLockout = function(uid, callback) {
		async.parallel([
			async.apply(db.delete, 'loginAttempts:' + uid),
			async.apply(db.delete, 'lockout:' + uid)
		], callback);
	};
};
closes #1911 2014-07-29 00:42:33 -04:00			`'use strict';`

closes #1971 2014-08-14 08:34:38 -04:00			`var async = require('async'),`
			`db = require('../database'),`
closes #2519 2014-12-11 10:17:04 -05:00			`meta = require('../meta'),`
			`events = require('../events');`
closed #1453 2014-05-11 11:45:20 -04:00
			`module.exports = function(User) {`
			`User.auth = {};`

			`User.auth.logAttempt = function(uid, callback) {`
			`db.exists('lockout:' + uid, function(err, exists) {`
closes #1911 2014-07-29 00:42:33 -04:00			`if (err) {`
			`return callback(err);`
			`}`

			`if (exists) {`
			`return callback(new Error('[[error:account-locked]]'));`
closed #1453 2014-05-11 11:45:20 -04:00			`}`
closes #1911 2014-07-29 00:42:33 -04:00
			`db.increment('loginAttempts:' + uid, function(err, attempts) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`if ((meta.config.loginAttempts \|\| 5) < attempts) {`
			`// Lock out the account`
			`db.set('lockout:' + uid, '', function(err) {`
			`if (err) {`
			`return callback(err);`
			`}`
closes #2519 2014-12-11 10:17:04 -05:00			`var duration = 1000 * 60 * (meta.config.lockoutDuration \|\| 60);`

closes #1911 2014-07-29 00:42:33 -04:00			`db.delete('loginAttempts:' + uid);`
closes #2519 2014-12-11 10:17:04 -05:00			`db.pexpire('lockout:' + uid, duration);`

			`events.logAccountLock(uid, duration);`
closes #1911 2014-07-29 00:42:33 -04:00			`callback(new Error('account-locked'));`
			`});`
			`} else {`
			`db.pexpire('loginAttempts:' + uid, 1000 * 60 * 60);`
			`callback();`
			`}`
			`});`
			`});`
closed #1453 2014-05-11 11:45:20 -04:00			`};`

			`User.auth.clearLoginAttempts = function(uid) {`
			`db.delete('loginAttempts:' + uid);`
			`};`
closes #1971 2014-08-14 08:34:38 -04:00
			`User.auth.resetLockout = function(uid, callback) {`
			`async.parallel([`
fixed resetLockout 2014-09-12 19:07:01 -04:00			`async.apply(db.delete, 'loginAttempts:' + uid),`
closes #1971 2014-08-14 08:34:38 -04:00			`async.apply(db.delete, 'lockout:' + uid)`
			`], callback);`
all your semi-colons are belongs to me 2014-10-08 12:18:32 -04:00			`};`
closed #1453 2014-05-11 11:45:20 -04:00			`};`