19 use Magento\User\Model\UserFactory;
// Fragment of the admin sign-in observer body. This listing omits some source lines, and the
// original file's line numbers are fused into the text at the start of each statement.
// Read the password submitted with this sign-in attempt and the authentication outcome from the event.
112 $password =
$observer->getEvent()->getPassword();
115 $authResult =
$observer->getEvent()->getResult();
// Failed attempt against an account that exists (has an id): record the failure so the
// lockout counters below can advance. Attempts for unknown users have no id and are not counted here.
117 if (!$authResult &&
$user->getId()) {
119 $this->_updateLockingInformation(
$user);
// Lock check: a stored lock-expiry timestamp still in the future means the account is locked.
123 $lockExpires =
$user->getLockExpires();
125 $lockExpires = new \DateTime($lockExpires);
126 if ($lockExpires >
new \DateTime()) {
// The message text covers both "wrong credentials" and "temporarily disabled", so the wording
// itself does not tell the caller which of the two conditions applied.
127 throw new UserLockedException(
129 'The account sign-in was incorrect or your account is disabled temporarily. ' 130 .
'Please wait and try again later.' 140 $this->userResource->unlock(
$user->getId());
// NOTE(review): the lines between the exception and unlock() are not shown; presumably unlock()
// is reached only after a successful sign-in and clears the failure/lock state. Confirm.
// Fetch the most recent password record and run the expiry check on it.
142 $latestPassword = $this->userResource->getLatestPassword(
$user->getId());
143 $this->_checkExpiredPassword($latestPassword);
// If the stored hash does not pass the encryptor's hash-version validation, the submitted plaintext
// is set on the user model and 'force_new_password' is flagged.
// NOTE(review): presumably this re-hashes the password with the current algorithm when the user
// is saved; the save call is not visible here. Make sure $password is never logged on this path.
145 if (!$this->encryptor->validateHashVersion(
$user->getPassword(),
true)) {
146 $user->setPassword($password)
147 ->setData(
'force_new_password',
true)
/**
 * Advance the failed sign-in counter for $user and decide whether a lock expiry must be written.
 *
 * Reads the lock threshold (used below as a number of seconds) and the maximum number of failures
 * from the observer config, then hands the result to the user resource via updateFailure().
 * This listing omits some source lines; the original line numbers are fused into the text.
 */
158 private function _updateLockingInformation(
$user)
160 $now = new \DateTime();
161 $lockThreshold = $this->observerConfig->getAdminLockThreshold();
162 $maxFailures = $this->observerConfig->getMaxFailures();
// Both settings must be truthy for lockout to apply. The body of this branch is not shown.
// NOTE(review): presumably it returns early, which would mean a value of 0 for either setting
// disables brute-force lockout entirely. Confirm against the configuration defaults.
163 if (!($lockThreshold && $maxFailures)) {
// The (int) cast applies to getFailuresNum() before the addition, so a null count becomes 1.
166 $failuresNum = (int)
$user->getFailuresNum() + 1;
168 if ($firstFailureDate =
$user->getFirstFailure()) {
169 $firstFailureDate = new \DateTime($firstFailureDate);
// false is the starting value for both outputs; how updateFailure() treats false is not visible here.
172 $newFirstFailureDate =
false;
173 $updateLockExpires =
false;
// Build an ISO-8601 duration of $lockThreshold seconds.
174 $lockThreshInterval = new \DateInterval(
'PT' . $lockThreshold.
'S');
// Restart the failure window on the first failure, when no first-failure date is stored,
// or when the previous window is meant to have elapsed.
// NOTE(review): the third clause compares two DateInterval objects with `>`. PHP does not define
// an ordering for DateInterval; since PHP 7.4 such a comparison raises a warning and evaluates to
// false, so the window-expiry test likely never fires. Comparing timestamps would be reliable.
176 if (1 === $failuresNum || !$firstFailureDate || $now->diff($firstFailureDate) > $lockThreshInterval) {
177 $newFirstFailureDate = $now;
179 }
elseif ($failuresNum >= $maxFailures) {
// Failure limit reached: lock until now + threshold. DateTime::add() modifies $now in place
// and returns the same object.
180 $updateLockExpires = $now->add($lockThreshInterval);
// Persist the counter update together with whichever of the two dates was set above.
182 $this->userResource->updateFailure(
$user, $updateLockExpires, $newFirstFailureDate);
/**
 * Queue an admin notice and flag the session when the latest password record is expired.
 *
 * $latestPassword is the value returned by the user resource's getLatestPassword().
 * This listing omits some source lines; the original line numbers are fused into the text.
 */
192 private function _checkExpiredPassword($latestPassword)
// Nothing happens unless a password record exists and the observer config reports it as expired.
194 if ($latestPassword && $this->observerConfig->_isLatestPasswordExpired($latestPassword)) {
// Two message variants are built. The line separating them is not shown; presumably the plain
// text is used when a password change is forced and the linked variant otherwise. Confirm.
195 if ($this->observerConfig->isPasswordChangeForced()) {
196 $message =
__(
'It\'s time to change your password.');
// The link target comes from the URL builder for a fixed admin route. No request data is visible
// in it. The message contains raw HTML, so the code that renders notices has to treat it as markup.
198 $myAccountUrl = $this->url->getUrl(
'adminhtml/system_account/');
199 $message =
__(
'It\'s time to <a href="%1">change your password</a>.', $myAccountUrl);
// Fetch the message collection, add the notice, then read back the message that was just added.
// The lines between these calls are not shown in this listing.
202 $messages = $this->messageManager->getMessages();
207 $this->messageManager->addNoticeMessage(
$message);
208 $message = $messages->getLastAddedMessage();
// Record in the admin session that the password is expired.
// NOTE(review): presumably other code reads this flag to restrict the admin until the password
// is changed. That enforcement is not visible here and should be verified separately.
211 $this->authSession->setPciAdminUserIsPasswordExpired(
true);
elseif(isset( $params[ 'redirect_parent']))
const MESSAGE_ID_PASSWORD_EXPIRED
__construct(ObserverConfig $observerConfig, ResourceUser $userResource, UrlInterface $url, Session $authSession, UserFactory $userFactory, EncryptorInterface $encryptor, ManagerInterface $messageManager)
execute(Observer $observer)