Elgg  Version 4.3
Password.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\PAM\User;
4 
6 
14 class Password {
15 
24  public function __invoke(array $credentials): bool {
25  if (!isset($credentials['username']) || !isset($credentials['password'])) {
26  return false;
27  }
28 
29  return elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($credentials) {
30  $user = get_user_by_username($credentials['username']);
31  if (!$user) {
32  throw new LoginException(_elgg_services()->translator->translate('LoginException:UsernameFailure'));
33  }
34 
35  $password_svc = _elgg_services()->passwords;
36  $password = $credentials['password'];
37  $hash = $user->password_hash;
38 
40  throw new LoginException(_elgg_services()->translator->translate('LoginException:AccountLocked'));
41  }
42 
43  if (!$password_svc->verify($password, $hash)) {
45 
46  throw new LoginException(_elgg_services()->translator->translate('LoginException:PasswordFailure'));
47  }
48 
49  if ($password_svc->needsRehash($hash)) {
50  $user->setPassword($password);
51  }
52 
53  return true;
54  });
55  }
56 }
elgg_call(int $flags, Closure $closure)
Calls a callable autowiring the arguments using public DI services and applying logic based on flags...
Definition: elgglib.php:592
Generic parent class for login exceptions.
elgg_register_authentication_failure(\ElggUser $user)
Registers an authentication failure for a user.
Definition: sessions.php:103
get_user_by_username($username)
Get user by username.
Definition: users.php:41
if(!$user||!$user->canEdit()) $password
const ELGG_SHOW_DISABLED_ENTITIES
Definition: constants.php:148
$user
Definition: ban.php:7
elgg_is_authentication_failure_limit_reached(\ElggUser $user, int $limit=null, int $lifetime=null)
Checks if the authentication failure limit has been reached.
Definition: sessions.php:129
PAM handler to authenticate a user based on username/password Used for the &#39;user&#39; policy...
Definition: Password.php:14
_elgg_services()
Get the global service provider.
Definition: elgglib.php:638
__invoke(array $credentials)
Authenticate a user.
Definition: Password.php:24
Login as the specified user.