documentation/module-customer_2_model_2_authentication_8php_source.html

 <?php
 namespace Magento\Customer\Model;

 use Magento\Customer\Api\CustomerRepositoryInterface;
 use Magento\Customer\Model\ResourceModel\CustomerRepository;
 use Magento\Customer\Model\CustomerAuthUpdate;
 use Magento\Backend\App\ConfigInterface;
 use Magento\Framework\Encryption\EncryptorInterface as Encryptor;
 use Magento\Framework\Exception\InvalidEmailOrPasswordException;
 use Magento\Framework\Exception\State\UserLockedException;

 class Authentication implements AuthenticationInterface
 {
     const LOCKOUT_THRESHOLD_PATH = 'customer/password/lockout_threshold';

     const MAX_FAILURES_PATH = 'customer/password/lockout_failures';

     protected $customerRegistry;

     protected $backendConfig;

     protected $dateTime;

     protected $encryptor;

     protected $customerRepository;

     private $customerAuthUpdate;

     public function __construct(
         CustomerRepositoryInterface $customerRepository,
         CustomerRegistry $customerRegistry,
         ConfigInterface $backendConfig,
         \Magento\Framework\Stdlib\DateTime $dateTime,
         Encryptor $encryptor
     ) {
         $this->customerRepository = $customerRepository;
         $this->customerRegistry = $customerRegistry;
         $this->backendConfig = $backendConfig;
         $this->dateTime = $dateTime;
         $this->encryptor = $encryptor;
     }

     public function processAuthenticationFailure($customerId)
     {
         $now = new \DateTime();
         $lockThreshold = $this->getLockThreshold();
         $maxFailures =  $this->getMaxFailures();
         $customerSecure = $this->customerRegistry->retrieveSecureData($customerId);

         if (!($lockThreshold && $maxFailures)) {
             return;
         }
         $failuresNum = (int)$customerSecure->getFailuresNum() + 1;

         $firstFailureDate = $customerSecure->getFirstFailure();
         if ($firstFailureDate) {
             $firstFailureDate = new \DateTime($firstFailureDate);
         }

         $lockThreshInterval = new \DateInterval('PT' . $lockThreshold . 'S');
         $lockExpires = $customerSecure->getLockExpires();
         $lockExpired = ($lockExpires !== null) && ($now > new \DateTime($lockExpires));
         // set first failure date when this is the first failure or the lock is expired
         if (1 === $failuresNum || !$firstFailureDate || $lockExpired) {
             $customerSecure->setFirstFailure($this->dateTime->formatDate($now));
             $failuresNum = 1;
             $customerSecure->setLockExpires(null);
             // otherwise lock customer
         } elseif ($failuresNum >= $maxFailures) {
             $customerSecure->setLockExpires($this->dateTime->formatDate($now->add($lockThreshInterval)));
         }

         $customerSecure->setFailuresNum($failuresNum);
         $this->getCustomerAuthUpdate()->saveAuth($customerId);
     }

     public function unlock($customerId)
     {
         $customerSecure = $this->customerRegistry->retrieveSecureData($customerId);
         $customerSecure->setFailuresNum(0);
         $customerSecure->setFirstFailure(null);
         $customerSecure->setLockExpires(null);
         $this->getCustomerAuthUpdate()->saveAuth($customerId);
     }

     protected function getLockThreshold()
     {
         return $this->backendConfig->getValue(self::LOCKOUT_THRESHOLD_PATH) * 60;
     }

     protected function getMaxFailures()
     {
         return $this->backendConfig->getValue(self::MAX_FAILURES_PATH);
     }

     public function isLocked($customerId)
     {
         $currentCustomer = $this->customerRegistry->retrieve($customerId);
         return $currentCustomer->isCustomerLocked();
     }

     public function authenticate($customerId, $password)
     {
         $customerSecure = $this->customerRegistry->retrieveSecureData($customerId);
         $hash = $customerSecure->getPasswordHash();
         if (!$this->encryptor->validateHash($password, $hash)) {
             $this->processAuthenticationFailure($customerId);
             if ($this->isLocked($customerId)) {
                 throw new UserLockedException(__('The account is locked.'));
             }
             throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
         }
         return true;
     }

     private function getCustomerAuthUpdate()
     {
         if ($this->customerAuthUpdate === null) {
             $this->customerAuthUpdate =
                 \Magento\Framework\App\ObjectManager::getInstance()->get(CustomerAuthUpdate::class);
         }
         return $this->customerAuthUpdate;
     }
 }
Magento\Customer\Model\CustomerAuthUpdate
Definition: CustomerAuthUpdate.php:12

Magento\Framework\App\ObjectManager\getInstance
static getInstance()
Definition: ObjectManager.php:33

Magento\Customer\Model\Authentication\unlock
unlock($customerId)
Definition: Authentication.php:125

elseif
elseif(isset( $params[ 'redirect_parent']))
Definition: iframe.phtml:17

Magento\Customer\Model\Authentication\LOCKOUT_THRESHOLD_PATH
const LOCKOUT_THRESHOLD_PATH
Definition: Authentication.php:25

Magento\Backend\App\ConfigInterface
Definition: ConfigInterface.php:15

Magento\Framework\Stdlib\DateTime\DateTime
Definition: DateTime.php:15

Magento\Customer\Model\AuthenticationInterface
Definition: AuthenticationInterface.php:15

Magento\Customer\Model\Authentication
Definition: Authentication.php:20

Magento\Customer\Model\Authentication\$customerRepository
$customerRepository
Definition: Authentication.php:57

Magento\Framework\Exception\InvalidEmailOrPasswordException
Definition: InvalidEmailOrPasswordException.php:12

__
__()
Definition: __.php:13

Magento\Framework\App\ResourceConnection\ConfigInterface
Definition: ConfigInterface.php:14

Magento\Customer\Model\Authentication\$encryptor
$encryptor
Definition: Authentication.php:52

Magento\Customer\Model\Authentication\MAX_FAILURES_PATH
const MAX_FAILURES_PATH
Definition: Authentication.php:30

Magento\Customer\Model\Authentication\getMaxFailures
getMaxFailures()
Definition: Authentication.php:149

Magento\Customer\Model\Authentication\__construct
__construct(CustomerRepositoryInterface $customerRepository, CustomerRegistry $customerRegistry, ConfigInterface $backendConfig, \Magento\Framework\Stdlib\DateTime $dateTime, Encryptor $encryptor)
Definition: Authentication.php:71

Magento\Framework\Exception\State\UserLockedException
Definition: UserLockedException.php:14

Magento\Customer\Model\Authentication\authenticate
authenticate($customerId, $password)
Definition: Authentication.php:166

Magento\Framework\Encryption\EncryptorInterface
Definition: EncryptorInterface.php:14

Magento\Customer\Model\Authentication\isLocked
isLocked($customerId)
Definition: Authentication.php:157

Magento\Customer\Model\Authentication\getLockThreshold
getLockThreshold()
Definition: Authentication.php:139

Magento\Customer\Model\Authentication\processAuthenticationFailure
processAuthenticationFailure($customerId)
Definition: Authentication.php:88

$customerId
$customerId
Definition: quote_with_customer.php:16

Magento\Customer\Api\CustomerRepositoryInterface
Definition: CustomerRepositoryInterface.php:15

Magento

Magento\Customer\Model\Authentication\$dateTime
$dateTime
Definition: Authentication.php:47

Magento\Customer\Model\CustomerRegistry
Definition: CustomerRegistry.php:17

Magento\Customer\Model\Authentication\$backendConfig
$backendConfig
Definition: Authentication.php:42

Magento\Customer\Model
Definition: AccountManagementTest.php:7

Magento\Customer\Model\ResourceModel\CustomerRepository
Definition: CustomerRepository.php:25

Magento\Customer\Model\Authentication\$customerRegistry
$customerRegistry
Definition: Authentication.php:35