60 $this->throttleSettings = array_intersect_key( $params,
61 [
'accountCreationThrottle' =>
true,
'passwordAttemptThrottle' =>
true ] );
76 $this->throttleSettings += [
79 'passwordAttemptThrottle' =>
83 if ( !empty( $this->throttleSettings[
'accountCreationThrottle'] ) ) {
84 $this->accountCreationThrottle =
new Throttler(
85 $this->throttleSettings[
'accountCreationThrottle'], [
86 'type' =>
'acctcreate',
87 'cache' => $this->cache,
91 if ( !empty( $this->throttleSettings[
'passwordAttemptThrottle'] ) ) {
92 $this->passwordAttemptThrottle =
new Throttler(
93 $this->throttleSettings[
'passwordAttemptThrottle'], [
95 'cache' => $this->cache,
102 if ( !$this->accountCreationThrottle || !$creator->isPingLimitable() ) {
103 return \StatusValue::newGood();
106 $ip = $this->manager->getRequest()->getIP();
108 if ( !$this->
getHookRunner()->onExemptFromAccountCreationThrottle( $ip ) ) {
109 $this->logger->debug( __METHOD__ .
": a hook allowed account creation w/o throttle" );
110 return \StatusValue::newGood();
113 $result = $this->accountCreationThrottle->increase(
null, $ip, __METHOD__ );
115 $message =
wfMessage(
'acct_creation_throttle_hit' )->params( $result[
'count'] )
116 ->durationParams( $result[
'wait'] );
117 return \StatusValue::newFatal( $message );
120 return \StatusValue::newGood();
124 if ( !$this->passwordAttemptThrottle ) {
125 return \StatusValue::newGood();
128 $ip = $this->manager->getRequest()->getIP();
131 }
catch ( \UnexpectedValueException $e ) {
137 if ( $username !==
null ) {
138 $usernames = $this->manager->normalizeUsername( $username );
140 $usernames = [ null ];
143 foreach ( $usernames as $name ) {
144 $r = $this->passwordAttemptThrottle->increase( $name, $ip, __METHOD__ );
145 if ( $r && ( !$result || $result[
'wait'] < $r[
'wait'] ) ) {
151 $message =
wfMessage(
'login-throttled' )->durationParams( $result[
'wait'] );
152 return \StatusValue::newFatal( $message );
154 $this->manager->setAuthenticationSessionData(
'LoginThrottle',
155 [
'users' => $usernames,
'ip' => $ip ] );
156 return \StatusValue::newGood();
167 } elseif ( !$this->passwordAttemptThrottle ) {
171 $data = $this->manager->getAuthenticationSessionData(
'LoginThrottle' );
175 $this->logger->info(
'throttler data not found for {user}', [
'user' => $user->getName() ] );
179 foreach ( $data[
'users'] as $name ) {
180 $this->passwordAttemptThrottle->clear( $name, $data[
'ip'] );
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
Class representing a cache/ephemeral data store.
A class containing constants representing the names of configuration variables.
const AccountCreationThrottle
Name constant for the AccountCreationThrottle setting, for use with Config::get()
const PasswordAttemptThrottle
Name constant for the PasswordAttemptThrottle setting, for use with Config::get()
static getLocalClusterInstance()
Get the main cluster-local cache object.