56 $this->throttleSettings = array_intersect_key(
$params,
57 [
'accountCreationThrottle' =>
true,
'passwordAttemptThrottle' =>
true ] );
59 $this->cache =
$params[
'cache'] ?? $services->getObjectCacheFactory()
60 ->getLocalClusterInstance();
74 $this->throttleSettings += [
77 'passwordAttemptThrottle' =>
81 if ( !empty( $this->throttleSettings[
'accountCreationThrottle'] ) ) {
82 $this->accountCreationThrottle =
new Throttler(
83 $this->throttleSettings[
'accountCreationThrottle'], [
84 'type' =>
'acctcreate',
85 'cache' => $this->cache,
89 if ( !empty( $this->throttleSettings[
'passwordAttemptThrottle'] ) ) {
90 $this->passwordAttemptThrottle =
new Throttler(
91 $this->throttleSettings[
'passwordAttemptThrottle'], [
93 'cache' => $this->cache,
100 if ( !$this->accountCreationThrottle || !$creator->isPingLimitable() ) {
101 return \StatusValue::newGood();
104 $ip = $this->manager->getRequest()->getIP();
106 if ( !$this->
getHookRunner()->onExemptFromAccountCreationThrottle( $ip ) ) {
107 $this->logger->debug( __METHOD__ .
": a hook allowed account creation w/o throttle" );
108 return \StatusValue::newGood();
111 $result = $this->accountCreationThrottle->increase(
null, $ip, __METHOD__ );
113 $message =
wfMessage(
'acct_creation_throttle_hit' )->params( $result[
'count'] )
114 ->durationParams( $result[
'wait'] );
115 return \StatusValue::newFatal( $message );
118 return \StatusValue::newGood();
122 if ( !$this->passwordAttemptThrottle ) {
123 return \StatusValue::newGood();
126 $ip = $this->manager->getRequest()->getIP();
129 }
catch ( \UnexpectedValueException $e ) {
135 if ( $username !==
null ) {
136 $usernames = $this->manager->normalizeUsername( $username );
138 $usernames = [ null ];
141 foreach ( $usernames as $name ) {
142 $r = $this->passwordAttemptThrottle->increase( $name, $ip, __METHOD__ );
143 if ( $r && ( !$result || $result[
'wait'] < $r[
'wait'] ) ) {
149 $message =
wfMessage(
'login-throttled' )->durationParams( $result[
'wait'] );
150 return \StatusValue::newFatal( $message );
152 $this->manager->setAuthenticationSessionData(
'LoginThrottle',
153 [
'users' => $usernames,
'ip' => $ip ] );
154 return \StatusValue::newGood();
165 } elseif ( !$this->passwordAttemptThrottle ) {
169 $data = $this->manager->getAuthenticationSessionData(
'LoginThrottle' );
173 $this->logger->info(
'throttler data not found for {user}', [
'user' => $user->getName() ] );
177 foreach ( $data[
'users'] as $name ) {
178 $this->passwordAttemptThrottle->clear( $name, $data[
'ip'] );
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
array $params
The job parameters.
A class containing constants representing the names of configuration variables.
const AccountCreationThrottle
Name constant for the AccountCreationThrottle setting, for use with Config::get()
const PasswordAttemptThrottle
Name constant for the PasswordAttemptThrottle setting, for use with Config::get()