Diffstat (limited to 'application/security/BanManager.php')
-rw-r--r-- | application/security/BanManager.php | 30 |
1 files changed, 14 insertions, 16 deletions
diff --git a/application/security/BanManager.php b/application/security/BanManager.php index 68190c54..288cbde0 100644 --- a/application/security/BanManager.php +++ b/application/security/BanManager.php | |||
@@ -3,7 +3,8 @@ | |||
3 | 3 | ||
4 | namespace Shaarli\Security; | 4 | namespace Shaarli\Security; |
5 | 5 | ||
6 | use Shaarli\FileUtils; | 6 | use Psr\Log\LoggerInterface; |
7 | use Shaarli\Helper\FileUtils; | ||
7 | 8 | ||
8 | /** | 9 | /** |
9 | * Class BanManager | 10 | * Class BanManager |
@@ -28,8 +29,8 @@ class BanManager | |||
28 | /** @var string Path to the file containing IP bans and failures */ | 29 | /** @var string Path to the file containing IP bans and failures */ |
29 | protected $banFile; | 30 | protected $banFile; |
30 | 31 | ||
31 | /** @var string Path to the log file, used to log bans */ | 32 | /** @var LoggerInterface Path to the log file, used to log bans */ |
32 | protected $logFile; | 33 | protected $logger; |
33 | 34 | ||
34 | /** @var array List of IP with their associated number of failed attempts */ | 35 | /** @var array List of IP with their associated number of failed attempts */ |
35 | protected $failures = []; | 36 | protected $failures = []; |
@@ -40,18 +41,19 @@ class BanManager | |||
40 | /** | 41 | /** |
41 | * BanManager constructor. | 42 | * BanManager constructor. |
42 | * | 43 | * |
43 | * @param array $trustedProxies List of allowed proxies IP | 44 | * @param array $trustedProxies List of allowed proxies IP |
44 | * @param int $nbAttempts Number of allowed failed attempt before the ban | 45 | * @param int $nbAttempts Number of allowed failed attempt before the ban |
45 | * @param int $banDuration Ban duration in seconds | 46 | * @param int $banDuration Ban duration in seconds |
46 | * @param string $banFile Path to the file containing IP bans and failures | 47 | * @param string $banFile Path to the file containing IP bans and failures |
47 | * @param string $logFile Path to the log file, used to log bans | 48 | * @param LoggerInterface $logger PSR-3 logger to save login attempts in log directory |
48 | */ | 49 | */ |
49 | public function __construct($trustedProxies, $nbAttempts, $banDuration, $banFile, $logFile) { | 50 | public function __construct($trustedProxies, $nbAttempts, $banDuration, $banFile, LoggerInterface $logger) { |
50 | $this->trustedProxies = $trustedProxies; | 51 | $this->trustedProxies = $trustedProxies; |
51 | $this->nbAttempts = $nbAttempts; | 52 | $this->nbAttempts = $nbAttempts; |
52 | $this->banDuration = $banDuration; | 53 | $this->banDuration = $banDuration; |
53 | $this->banFile = $banFile; | 54 | $this->banFile = $banFile; |
54 | $this->logFile = $logFile; | 55 | $this->logger = $logger; |
56 | |||
55 | $this->readBanFile(); | 57 | $this->readBanFile(); |
56 | } | 58 | } |
57 | 59 | ||
@@ -78,11 +80,7 @@ class BanManager | |||
78 | 80 | ||
79 | if ($this->failures[$ip] >= $this->nbAttempts) { | 81 | if ($this->failures[$ip] >= $this->nbAttempts) { |
80 | $this->bans[$ip] = time() + $this->banDuration; | 82 | $this->bans[$ip] = time() + $this->banDuration; |
81 | logm( | 83 | $this->logger->info(format_log('IP address banned from login: '. $ip, $ip)); |
82 | $this->logFile, | ||
83 | $server['REMOTE_ADDR'], | ||
84 | 'IP address banned from login: '. $ip | ||
85 | ); | ||
86 | } | 84 | } |
87 | $this->writeBanFile(); | 85 | $this->writeBanFile(); |
88 | } | 86 | } |
@@ -138,7 +136,7 @@ class BanManager | |||
138 | unset($this->failures[$ip]); | 136 | unset($this->failures[$ip]); |
139 | } | 137 | } |
140 | unset($this->bans[$ip]); | 138 | unset($this->bans[$ip]); |
141 | logm($this->logFile, $server['REMOTE_ADDR'], 'Ban lifted for: '. $ip); | 139 | $this->logger->info(format_log('Ban lifted for: '. $ip, $ip)); |
142 | 140 | ||
143 | $this->writeBanFile(); | 141 | $this->writeBanFile(); |
144 | return false; | 142 | return false; |
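Review bot: The two rewritten log calls (new lines 83 and 139) pass `$ip` to `format_log` both inside the message and as the client-address argument, whereas the removed `logm` calls recorded `$server['REMOTE_ADDR']`, so the ban and ban-lift records no longer carry the direct peer address. `$ip` is computed outside these hunks; if it can come from a forwarded header when the peer is listed in `$trustedProxies`, the log would hold only a proxy-supplied value, which weakens the audit trail and puts header-derived text into the log line. Consider keeping the peer address, e.g. `$this->logger->info(format_log('IP address banned from login: ' . $ip, $server['REMOTE_ADDR']));`, and checking `$ip` with `filter_var($ip, FILTER_VALIDATE_IP)` before it is logged. Separately, the property docblock at new line 32 still reads "Path to the log file"; `/** @var LoggerInterface PSR-3 logger used to record bans */` would match the new type. Both method bodies start and end outside the hunks shown.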