61 $this->throttleSettings = array_intersect_key(
$params,
62 [
'accountCreationThrottle' =>
true,
'passwordAttemptThrottle' =>
true ] );
64 $this->cache =
$params[
'cache'] ?? $services->getObjectCacheFactory()
65 ->getLocalClusterInstance();
79 $this->throttleSettings += [
82 'passwordAttemptThrottle' =>
86 if ( !empty( $this->throttleSettings[
'accountCreationThrottle'] ) ) {
87 $this->accountCreationThrottle =
new Throttler(
88 $this->throttleSettings[
'accountCreationThrottle'], [
89 'type' =>
'acctcreate',
90 'cache' => $this->cache,
94 if ( !empty( $this->throttleSettings[
'passwordAttemptThrottle'] ) ) {
95 $this->passwordAttemptThrottle =
new Throttler(
96 $this->throttleSettings[
'passwordAttemptThrottle'], [
98 'cache' => $this->cache,
105 if ( !$this->accountCreationThrottle || !$creator->isPingLimitable() ) {
106 return \StatusValue::newGood();
109 $ip = $this->manager->getRequest()->getIP();
111 if ( !$this->
getHookRunner()->onExemptFromAccountCreationThrottle( $ip ) ) {
112 $this->logger->debug( __METHOD__ .
": a hook allowed account creation w/o throttle" );
113 return \StatusValue::newGood();
116 $result = $this->accountCreationThrottle->increase(
null, $ip, __METHOD__ );
118 $message =
wfMessage(
'acct_creation_throttle_hit' )->params( $result[
'count'] )
119 ->durationParams( $result[
'wait'] );
120 return \StatusValue::newFatal( $message );
123 return \StatusValue::newGood();
127 if ( !$this->passwordAttemptThrottle ) {
128 return \StatusValue::newGood();
131 $ip = $this->manager->getRequest()->getIP();
134 }
catch ( \UnexpectedValueException $e ) {
140 if ( $username !==
null ) {
141 $usernames = $this->manager->normalizeUsername( $username );
143 $usernames = [ null ];
146 foreach ( $usernames as $name ) {
147 $r = $this->passwordAttemptThrottle->increase( $name, $ip, __METHOD__ );
148 if ( $r && ( !$result || $result[
'wait'] < $r[
'wait'] ) ) {
154 $message =
wfMessage(
'login-throttled' )->durationParams( $result[
'wait'] );
155 return \StatusValue::newFatal( $message );
157 $this->manager->setAuthenticationSessionData(
'LoginThrottle',
158 [
'users' => $usernames,
'ip' => $ip ] );
159 return \StatusValue::newGood();
170 } elseif ( !$this->passwordAttemptThrottle ) {
174 $data = $this->manager->getAuthenticationSessionData(
'LoginThrottle' );
178 $this->logger->info(
'throttler data not found for {user}', [
'user' => $user->getName() ] );
182 foreach ( $data[
'users'] as $name ) {
183 $this->passwordAttemptThrottle->clear( $name, $data[
'ip'] );
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
array $params
The job parameters.
A class containing constants representing the names of configuration variables.
const AccountCreationThrottle
Name constant for the AccountCreationThrottle setting, for use with Config::get()
const PasswordAttemptThrottle
Name constant for the PasswordAttemptThrottle setting, for use with Config::get()