Elgg  Version master
Password.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\PAM\User;
4 
6 
14 class Password {
15 
24  public function __invoke(array $credentials): bool {
25  if (!isset($credentials['username']) || !isset($credentials['password'])) {
26  return false;
27  }
28 
29  return elgg_call(ELGG_SHOW_DISABLED_ENTITIES, function() use ($credentials) {
30  $user = elgg_get_user_by_username($credentials['username']);
31  if (!$user) {
32  throw new LoginException(_elgg_services()->translator->translate('LoginException:UsernameFailure'));
33  }
34 
35  $password_svc = _elgg_services()->passwords;
36  $password = (string) $credentials['password'];
37  $hash = (string) $user->password_hash;
38 
40  throw new LoginException(_elgg_services()->translator->translate('LoginException:AccountLocked'));
41  }
42 
43  if (!$password_svc->verify($password, $hash)) {
45 
46  throw new LoginException(_elgg_services()->translator->translate('LoginException:PasswordFailure'));
47  }
48 
49  if ($password_svc->needsRehash($hash)) {
50  $user->setPassword($password);
51  }
52 
53  return true;
54  });
55  }
56 }
elgg_call(int $flags, Closure $closure)
Calls a callable autowiring the arguments using public DI services and applying logic based on flags...
Definition: elgglib.php:299
if(parse_url(elgg_get_site_url(), PHP_URL_PATH)!== '/') if(file_exists(elgg_get_root_path(). 'robots.txt'))
Set robots.txt.
Definition: robots.php:10
Generic parent class for login exceptions.
elgg_get_user_by_username(string $username, bool $try_email=false)
Get a user by username.
Definition: users.php:39
elgg_register_authentication_failure(\ElggUser $user)
Registers an authentication failure for a user.
Definition: sessions.php:103
if(!$user||!$user->canEdit()) $password
const ELGG_SHOW_DISABLED_ENTITIES
Definition: constants.php:132
$user
Definition: ban.php:7
elgg_is_authentication_failure_limit_reached(\ElggUser $user, int $limit=null, int $lifetime=null)
Checks if the authentication failure limit has been reached.
Definition: sessions.php:129
PAM handler to authenticate a user based on username/password Used for the &#39;user&#39; policy...
Definition: Password.php:14
_elgg_services()
Get the global service provider.
Definition: elgglib.php:346
__invoke(array $credentials)
Authenticate a user.
Definition: Password.php:24
Login as the specified user.