# Copyright (C) 2012-2022 Zammad Foundation, https://zammad-foundation.org/ class Auth attr_reader :user, :password, :auth_user delegate :user, to: :auth_user attr_accessor :increase_login_failed_attempts # Initializes a Auth object for the given user. # # @param username [String] the user name for the user object which needs an authentication. # # @example # auth = Auth.new('admin@example.com', 'some+password') def initialize(username, password) @lookup_backend_instance = {} @auth_user = username.present? ? Auth::User.new(username) : nil @password = password @increase_login_failed_attempts = false end # Validates the given credentials for the user to the configured auth backends which should # be performed. # # @return [Boolean] true if the user was authenticated, otherwise false. def valid? if !auth_user || !auth_user.can_login? avoid_brute_force_attack return false end if backends.valid? auth_user.update_last_login return true end avoid_brute_force_attack auth_user.increase_login_failed if increase_login_failed_attempts false end private # Sleep for a second to avoid brute force attacks. def avoid_brute_force_attack sleep 1 end def backends Auth::Backend.new(self) end end