Login
in package
implements
ControllerInterface
Controller for the login screen. It is the only controller that runs without a prior session, so it concentrates all the anonymous entry points: session creation (login), second-factor validation (2FA), session close (logout) and emergency password change using the database password.
It includes brute-force protection based on per-IP and per-user lists kept in cache, with a threshold of MAX_INCIDENT_COUNT incidents within a window of INCIDENT_EXPIRATION_TIME seconds. The 2FA flow requires a nonce written by loginAction after the password has been validated, so that the code-validation endpoint cannot be used as a backdoor that skips the password.
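A sketch of the two mechanisms described above, added here as an illustration and not taken from the project's source. The constant values are the ones documented on this page; the class name, the in-memory arrays standing in for the cache, the key derivation and the `>=` threshold comparison are assumptions.

```php
<?php
// Added illustration, not the project's code. Constant values are the ones on this page;
// the class name, in-memory arrays (standing in for the cache) and method bodies are assumed.
final class LoginGuardSketch
{
    public const MAX_INCIDENT_COUNT = 6;
    public const INCIDENT_EXPIRATION_TIME = 600;
    public const TWO_FACTOR_PENDING_TTL = 300;
    private array $ipList = [];   // ip => list of incident timestamps
    private array $userList = []; // user => list of incident timestamps
    private array $pending = [];  // pending key => expiry timestamp

    public function saveIncident(string $ip, string $user, int $time): void
    {
        $this->ipList[$ip][] = $time;
        if ($user !== '') { $this->userList[$user][] = $time; }
    }

    public function userHasManyIncidents(string $ip, string $user, int $now): bool
    {
        // Only incidents inside the window count; ">=" is an assumed comparison.
        $recent = fn(array $times): int => count(array_filter(
            $times, fn(int $t): bool => $now - $t < self::INCIDENT_EXPIRATION_TIME));
        return $recent($this->ipList[$ip] ?? []) >= self::MAX_INCIDENT_COUNT
            || $recent($this->userList[$user] ?? []) >= self::MAX_INCIDENT_COUNT;
    }

    // Called only after the password check succeeds (key derivation is assumed).
    public function openTwoFactor(string $ip, string $user, int $now): void
    {
        $this->pending[hash('sha256', "$ip|$user")] = $now + self::TWO_FACTOR_PENDING_TTL;
    }

    // Gate for the code-validation endpoint: without a live entry the code is never checked.
    public function twoFactorAllowed(string $ip, string $user, int $now): bool
    {
        return ($this->pending[hash('sha256', "$ip|$user")] ?? 0) > $now;
    }
}

$g = new LoginGuardSketch();
$t0 = 1700000000; // constructed timestamp; 203.0.113.7 and 'admin' are constructed too
for ($i = 0; $i < 6; $i++) { $g->saveIncident('203.0.113.7', 'admin', $t0 + $i); }
var_dump($g->userHasManyIncidents('203.0.113.7', 'admin', $t0 + 10));  // inside the window
var_dump($g->userHasManyIncidents('203.0.113.7', 'admin', $t0 + 700)); // window elapsed
var_dump($g->twoFactorAllowed('203.0.113.7', 'admin', $t0));           // password step skipped
$g->openTwoFactor('203.0.113.7', 'admin', $t0);
var_dump($g->twoFactorAllowed('203.0.113.7', 'admin', $t0 + 299));     // entry still live
var_dump($g->twoFactorAllowed('203.0.113.7', 'admin', $t0 + 301));     // entry expired
```

Passing the clock in as a parameter keeps the window and TTL boundaries testable without waiting for real time to pass.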
Table of Contents
Interfaces
Constants
- DUMMY_PASSWORD_HASH : mixed = '$2y$12$ye/68ONwKIM9/446.2a5G.GFcYDXB0hxLxQr2YF...
- INCIDENT_EXPIRATION_TIME : mixed = 600
- IP_LIST : mixed = 'login-ip-list'
- MAX_INCIDENT_COUNT : mixed = 6
- TWO_FACTOR_PENDING_TTL : mixed = 300
- USER_LIST : mixed = 'login-user-list'
Properties
- $empresa : Empresa
- $title : string
- $two_factor_user : string
- $template : string
Methods
- __construct() : mixed
- clearIncidents() : void
- getPageData() : array<string|int, mixed>
- run() : void
- saveIncident() : void
- userHasManyIncidents() : bool
- changePasswordAction() : void
- getIpList() : array<string|int, mixed>
- getUserList() : array<string|int, mixed>
- loginAction() : void
- logoutAction() : void
- saveCookies() : void
- twoFactorPendingKey() : string
- twoFactorValidationAction() : void
- updateUserAndRedirect() : void
- validateFormToken() : bool
Constants
DUMMY_PASSWORD_HASH
public
mixed
DUMMY_PASSWORD_HASH
= '$2y$12$ye/68ONwKIM9/446.2a5G.GFcYDXB0hxLxQr2YFl1BhQ1wjoHM6Fu'
INCIDENT_EXPIRATION_TIME
public
mixed
INCIDENT_EXPIRATION_TIME
= 600
IP_LIST
public
mixed
IP_LIST
= 'login-ip-list'
MAX_INCIDENT_COUNT
public
mixed
MAX_INCIDENT_COUNT
= 6
TWO_FACTOR_PENDING_TTL
public
mixed
TWO_FACTOR_PENDING_TTL
= 300
USER_LIST
public
mixed
USER_LIST
= 'login-user-list'
Properties
$empresa
public
Empresa
$empresa
$title
public
string
$title
= 'Login'
$two_factor_user
public
string
$two_factor_user
$template
private
string
$template
= 'Login/Login.html.twig'
Methods
__construct()
public
__construct(string $className[, string $url = '' ]) : mixed
Parameters
- $className : string
- $url : string = ''
clearIncidents()
public
clearIncidents() : void
getPageData()
public
getPageData() : array<string|int, mixed>
Return values
array<string|int, mixed>
run()
public
run() : void
saveIncident()
public
saveIncident(string $ip[, string $user = '' ][, int|null $time = null ]) : void
Parameters
- $ip : string
- $user : string = ''
- $time : int|null = null
userHasManyIncidents()
public
userHasManyIncidents(string $ip[, string $username = '' ]) : bool
Parameters
- $ip : string
- $username : string = ''
Return values
bool
changePasswordAction()
protected
changePasswordAction(Request $request) : void
Parameters
- $request : Request
getIpList()
protected
getIpList() : array<string|int, mixed>
Return values
array<string|int, mixed>
getUserList()
protected
getUserList() : array<string|int, mixed>
Return values
array<string|int, mixed>
loginAction()
protected
loginAction(Request $request) : void
Parameters
- $request : Request
logoutAction()
protected
logoutAction(Request $request) : void
Parameters
- $request : Request
saveCookies()
protected
saveCookies(User $user, Request $request) : void
Parameters
twoFactorPendingKey()
protected
twoFactorPendingKey(string $ip, string $userName) : string
Parameters
- $ip : string
- $userName : string
Return values
string
twoFactorValidationAction()
protected
twoFactorValidationAction(Request $request) : void
Parameters
- $request : Request
updateUserAndRedirect()
protected
updateUserAndRedirect(User $user, string $ip, Request $request) : void
Parameters
validateFormToken()
protected
validateFormToken(Request $request) : bool
Parameters
- $request : Request