Password_8php_source.html

 <?php


 namespace Elgg\PAM\User;


 use Elgg\Exceptions\LoginException;


 class Password {


     public function __invoke(array $credentials): bool {

         if (!isset($credentials['username']) || !isset($credentials['password'])) {

             return false;

         }


         return elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($credentials) {

             $user = elgg_get_user_by_username($credentials['username']);

             if (!$user) {

                 throw new LoginException(_elgg_services()->translator->translate('LoginException:UsernameFailure'));

             }


             $password_svc = _elgg_services()->passwords;

             $password = (string) $credentials['password'];

             $hash = (string) $user->password_hash;


             if (elgg_is_authentication_failure_limit_reached($user)) {

                 throw new LoginException(_elgg_services()->translator->translate('LoginException:AccountLocked'));

             }


             if (!$password_svc->verify($password, $hash)) {

                 elgg_register_authentication_failure($user);


                 throw new LoginException(_elgg_services()->translator->translate('LoginException:PasswordFailure'));

             }


             if ($password_svc->needsRehash($hash)) {

                 $user->setPassword($password);

             }


             return true;

         });

     }

 }

$user
$user
Definition: ban.php:7

Elgg\Exceptions\LoginException
Generic parent class for login exceptions.
Definition: LoginException.php:12

Elgg\PAM\User\Password
PAM handler to authenticate a user based on username/password Used for the 'user' policy.
Definition: Password.php:14

Elgg\PAM\User\Password\__invoke
__invoke(array $credentials)
Authenticate a user.
Definition: Password.php:24

ELGG_SHOW_DISABLED_ENTITIES
const ELGG_SHOW_DISABLED_ENTITIES
Definition: constants.php:123

_elgg_services
_elgg_services()
Get the global service provider.
Definition: elgglib.php:337

elgg_call
elgg_call(int $flags, Closure $closure)
Calls a callable autowiring the arguments using public DI services and applying logic based on flags.
Definition: elgglib.php:290

elgg_get_user_by_username
elgg_get_user_by_username(string $username, bool $try_email=false)
Get a user by username.
Definition: users.php:31

Elgg\PAM\User
Definition: Password.php:3

$password
if(! $user||! $user->canEdit()) $password
Definition: resetpassword.php:21

if
if(parse_url(elgg_get_site_url(), PHP_URL_PATH) !=='/') if(file_exists(elgg_get_root_path() . 'robots.txt'))
Set robots.txt.
Definition: robots.php:10

elgg_is_authentication_failure_limit_reached
elgg_is_authentication_failure_limit_reached(\ElggUser $user, ?int $limit=null, ?int $lifetime=null)
Checks if the authentication failure limit has been reached.
Definition: sessions.php:129

elgg_register_authentication_failure
elgg_register_authentication_failure(\ElggUser $user)
Registers an authentication failure for a user.
Definition: sessions.php:103