def get_login(cls, login, parameters):
'''
Return user id if password matches
'''
LoginAttempt = Pool().get('res.user.login.attempt')
count_ip = LoginAttempt.count_ip()
if count_ip > config.getint(
'session', 'max_attempt_ip_network', default=300):
# Do not add attempt as the goal is to prevent flooding
raise RateLimitException()
count = LoginAttempt.count(login)
if count > config.getint('session', 'max_attempt', default=5):
LoginAttempt.add(login)
raise RateLimitException()
Transaction().atexit(time.sleep, random.randint(0, 2 ** count - 1))
for methods in config.get(
'session', 'authentications', default='password').split(','):
user_ids = set()
for method in methods.split('+'):
try:
func = getattr(cls, '_login_%s' % method)
except AttributeError:
logger.info('Missing login method: %s', method)
break
user_ids.add(func(login, parameters))
if len(user_ids) != 1 or not all(user_ids):
break
if len(user_ids) == 1 and all(user_ids):
LoginAttempt.remove(login)
return user_ids.pop()
LoginAttempt.add(login)
