push @inputs, { name => $name, value => $value };
}
+ my $patron = Koha::Patrons->find({ userid => $q_userid }); # Not necessary logged in!
+
my $LibraryNameTitle = C4::Context->preference("LibraryName");
$LibraryNameTitle =~ s/<(?:\/?)(?:br|p)\s*(?:\/?)>/ /sgi;
$LibraryNameTitle =~ s/<(?:[^<>'"]|'(?:[^']*)'|"(?:[^"]*)")*>//sg;
PatronSelfRegistration => C4::Context->preference("PatronSelfRegistration"),
PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"),
opac_css_override => $ENV{'OPAC_CSS_OVERRIDE'},
+ too_many_login_attempts => ( $patron and $patron->account_locked ),
);
$template->param( SCO_login => 1 ) if ( $query->param('sco_user_login') );
sub checkpw {
my ( $dbh, $userid, $password, $query, $type, $no_set_userenv ) = @_;
$type = 'opac' unless $type;
- if ($ldap) {
+
+ my @return;
+ my $patron = Koha::Patrons->find({ userid => $userid });
+
+ if ( $patron and $patron->account_locked ) {
+ @return = (0);
+ } elsif ($ldap) {
$debug and print STDERR "## checkpw - checking LDAP\n";
my ( $retval, $retcard, $retuserid ) = checkpw_ldap(@_); # EXTERNAL AUTH
- return 0 if $retval == -1; # Incorrect password for LDAP login attempt
- ($retval) and return ( $retval, $retcard, $retuserid );
- }
+ if ( $retval ) {
+ @return = ( $retval, $retcard, $retuserid );
+ } else {
+ @return = (0);
+ }
- if ( $cas && $query && $query->param('ticket') ) {
+ } elsif ( $cas && $query && $query->param('ticket') ) {
$debug and print STDERR "## checkpw - checking CAS\n";
# In case of a CAS authentication, we use the ticket instead of the password
my $ticket = $query->param('ticket');
$query->delete('ticket'); # remove ticket to come back to original URL
my ( $retval, $retcard, $retuserid ) = checkpw_cas( $dbh, $ticket, $query, $type ); # EXTERNAL AUTH
- ($retval) and return ( $retval, $retcard, $retuserid );
- return 0;
+ if ( $retval ) {
+ @return = ( $retval, $retcard, $retuserid );
+ } else {
+ @return = (0);
+ }
}
# If we are in a shibboleth session (shibboleth is enabled, and a shibboleth match attribute is present)
# Check for password to asertain whether we want to be testing against shibboleth or another method this
# time around.
- if ( $shib && $shib_login && !$password ) {
+ elsif ( $shib && $shib_login && !$password ) {
$debug and print STDERR "## checkpw - checking Shibboleth\n";
# Then, we check if it matches a valid koha user
if ($shib_login) {
my ( $retval, $retcard, $retuserid ) = C4::Auth_with_shibboleth::checkpw_shib($shib_login); # EXTERNAL AUTH
- ($retval) and return ( $retval, $retcard, $retuserid );
- return 0;
+ if ( $retval ) {
+ @return = ( $retval, $retcard, $retuserid );
+ } else {
+ @return = (0);
+ }
}
}
# INTERNAL AUTH
- return checkpw_internal( $dbh, $userid, $password, $no_set_userenv);
+ @return = checkpw_internal( $dbh, $userid, $password, $no_set_userenv) unless @return;
+
+ if ( $return[0] == 0 ) {
+ $patron->update({ login_attempts => $patron->login_attempts + 1 }) if $patron;
+ } elsif ( $return[1] == 1 ) {
+ $patron->update({ login_attempts => 0 })->store if $patron;
+ }
+ return @return;
}
sub checkpw_internal {
+[% USE Koha %]
[% USE Branches %]
[% SET footerjs = 1 %]
[% INCLUDE 'doc-head-open.inc' %]
[% IF ( nopermission ) %]Access denied[% END %]
[% IF ( timed_out ) %]Session timed out[% END %]
[% IF ( different_ip ) %]IP address change[% END %]
- [% IF ( invalid_username_or_password ) %]Invalid username or password[% END %]
+ [% IF too_many_login_attempts %]This account has been locked.
+ [% ELSIF invalid_username_or_password %]Invalid username or password[% END %]
[% IF ( loginprompt ) %]Log in to Koha[% END %]
</title>
[% INCLUDE 'doc-head-close.inc' %]
<div id="login_error"><strong>Error: </strong>Autolocation is switched on and you are logging in with an IP address that doesn't match your library. </div>
[% END %]
-[% IF ( invalid_username_or_password ) %]
+[% IF too_many_login_attempts %]
+<div id="login_error"><strong>Error: </strong>This account has been locked!</div>
+[% ELSIF invalid_username_or_password %]
<div id="login_error"><strong>Error: </strong>Invalid username or password</div>
[% END %]