Tiger_Model_Login
@api· extendsTiger_Model_Table
Login — the append-only authentication audit log (see migration 0011).
Extends Tiger_Model_Table for the v7 PK + created_at stamp (the table has no updated/deleted/actor columns, so those are simply no-ops). Rows are written by Tiger_Service_Authentication on every attempt and never updated. The failure/IP counters are the substrate for future rate-limiting; the platform records, an app (or a later layer) decides policy.
Methods
record()
record(array $data)
Record one login attempt.
$dataarray— user_id/org_id/identifier/method/result/ip_address/user_agent/fingerprint
Returns string — login_id
recentForUser()
recentForUser($userId, $limit = 20)
Fetch a user's login history, newest first (for a "recent sign-in activity" view).
$userIdstring— the user id$limitint— max rows to return
Returns Zend_Db_Table_Rowset_Abstract — the login rows, newest first
recentFailuresForIdentifier()
recentFailuresForIdentifier($identifier, $sinceSeconds = 900)
Count recent FAILED/LOCKED attempts for an identifier (email/phone) — for rate-limiting.
$identifierstring— the login identifier (email/phone)$sinceSecondsint— the look-back window in seconds
Returns int — the count of failed/locked attempts
recentFailuresFromIp()
recentFailuresFromIp($ip, $sinceSeconds = 900)
Count recent FAILED/LOCKED attempts from an IP — for distributed brute-force detection.
$ipstring— the client IP address$sinceSecondsint— the look-back window in seconds
Returns int — the count of failed/locked attempts
purgeOlderThan()
purgeOlderThan($days)
Retention: delete log rows older than N days. Call on a schedule (GDPR).
$daysint— the age threshold in days
Returns int — rows removed