use of com.liferay.portal.UserLockoutException in project liferay-ide by liferay.
the class UserLocalServiceImpl method checkLockout.
/**
* Checks if the user is currently locked out based on the password policy,
* and performs maintenance on the user's lockout and failed login data.
*
* @param user the user
* @throws PortalException if the user was determined to still be locked out
* @throws SystemException if a system exception occurred
*/
@Override
public void checkLockout(User user) throws PortalException, SystemException {
if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
return;
}
PasswordPolicy passwordPolicy = user.getPasswordPolicy();
if (!passwordPolicy.isLockout()) {
return;
}
// Reset failure count
Date now = new Date();
int failedLoginAttempts = user.getFailedLoginAttempts();
if (failedLoginAttempts > 0) {
long failedLoginTime = user.getLastFailedLoginDate().getTime();
long elapsedTime = now.getTime() - failedLoginTime;
long requiredElapsedTime = passwordPolicy.getResetFailureCount() * 1000;
if ((requiredElapsedTime != 0) && (elapsedTime > requiredElapsedTime)) {
user.setFailedLoginAttempts(0);
userPersistence.update(user);
}
}
if (user.isLockout()) {
long lockoutTime = user.getLockoutDate().getTime();
long elapsedTime = now.getTime() - lockoutTime;
long requiredElapsedTime = passwordPolicy.getLockoutDuration() * 1000;
if ((requiredElapsedTime != 0) && (elapsedTime > requiredElapsedTime)) {
user.setLockout(false);
user.setLockoutDate(null);
userPersistence.update(user);
}
}
if (user.isLockout()) {
throw new UserLockoutException();
}
}
Aggregations