Hello i am using the following code security and it is working. But I wanted to know how to enable the lock account again as per code:
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return redirect('/login')->withErrors(array('error' => 'Your account has been disabled because of too many wrong attempts'));
}
//check if user is deactivated by admin
$user = User::where('email', $request->email_username)->first();
if ($user && !$user->active) {
return redirect('/login')->withErrors(array('error' => 'Your account has been disabled by an administrator.'));
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
$this->incrementLoginAttempts($request);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return redirect('/login')->withErrors(array('error' => 'Your account has been disabled because of too many wrong attempts'));
}
if(isset($user) && !empty($user)){
$request->session()->forget('password_expired_id');
$password_updated_at = $user->passwordSecurity->password_updated_at;
$password_expiry_days = $user->passwordSecurity->password_expiry_days;
$password_expiry_at = Carbon::parse($password_updated_at)->addDays($password_expiry_days);
if($password_expiry_at->lessThan(Carbon::now()) || $user->force_reset == "1"){
$request->session()->put('password_expired_id',$user->id);
auth()->logout();
return redirect('/passwordExpiration')->with('message', "Your Password is expired, You need to change your password.");
}
}
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire