Checks if the given hash matches the options.
| public static needsRehash ( $hash, array $options = [] ) : boolean | ||
| $options | array | |
| return | boolean | |
/**
* Performs an authentication against e.g. database.
* and returns IIdentity on success or throws AuthenticationException
* @var array $credentials
* @return Nette\Security\IIdentity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
if (is_null($password)) {
$user = $this->manager->getItem($username);
} else {
$user = $this->manager->getUserByUsername($username);
if (is_null($user->password)) {
throw new Trejjam\Authorization\User\AuthenticatorException('User has not have defined password.', Trejjam\Authorization\User\AuthenticatorException::NOT_DEFINED_PASSWORD);
} else {
if (!Nette\Security\Passwords::verify($password, $user->password)) {
throw new Trejjam\Authorization\User\AuthenticatorException('The password is incorrect.', Trejjam\Authorization\User\AuthenticatorException::INVALID_CREDENTIAL);
} else {
if (Nette\Security\Passwords::needsRehash($user->password)) {
$this->manager->changePassword($user, $password);
}
}
}
}
if ($this->manager->isEnableLogin($user)) {
$baseUserArr = (array) $this->manager->getUserInfo($user);
$baseUserArr["login_time"] = new Nette\Utils\DateTime();
$role = $this->acl->getUserRoles($user);
return new Identity($user->id, $role, $baseUserArr);
} else {
//this may not happen
throw new Trejjam\Authorization\User\AuthenticatorException();
}
}
/**
* Performs an authentication.
* @param array $credentials (string $username, string $password)
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$row = $this->database->table('user')->where('username', $username)->fetch();
if (!$row) {
throw new Security\AuthenticationException('Uživatel s tímto jménem neexistuje.', self::IDENTITY_NOT_FOUND);
} elseif (!Security\Passwords::verify($password, $row->password)) {
throw new Security\AuthenticationException('Nesprávné heslo.', self::INVALID_CREDENTIAL);
} elseif (!$row->active) {
throw new Security\AuthenticationException('Účet není aktivovaný.', self::NOT_APPROVED);
} elseif (Security\Passwords::needsRehash($row->password)) {
$row->update(array('password' => Security\Passwords::hash($password)));
}
$arr = $row->toArray();
unset($arr['password']);
$roles = $row->related('privilege')->fetch()->toArray();
unset($roles['user_id']);
//adds privileges
array_walk($roles, function (&$value, $key) use(&$roles) {
if ($value != NULL) {
$value = $key . ' - ' . $value;
}
});
return new Security\Identity($row->id, $roles, $arr);
}
/**
* @param array $credentials
* @return Identity
* @throws AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$user = $this->orm->users->getByEmail($email);
if (!$user) {
throw new AuthenticationException('auth.flash.wrongUsername', self::IDENTITY_NOT_FOUND);
}
if (!$user->password) {
throw new AuthenticationException('auth.flash.notSet', self::PASSWORD_NOT_SET);
}
$plainHash = $this->aes->decrypt($user->password);
if (strpos($user->password, 'old-password;') === 0) {
$this->authOldPassword($password, $user);
} else {
if (!Passwords::verify($password, $plainHash)) {
throw new AuthenticationException('auth.flash.wrongPassword', self::INVALID_CREDENTIAL);
}
}
if (Passwords::needsRehash($plainHash)) {
$plainHash = Passwords::hash($password);
$user->password = $this->aes->encrypt($plainHash);
$this->orm->flush();
}
return new Identity($user->id);
}
/**
* Compare $password to origin
* @param $password
* @return bool
*/
public function verifyPassword($password)
{
if (Passwords::verify($password, $this->password)) {
if (Passwords::needsRehash($this->password)) {
$this->setPassword($password);
}
return TRUE;
}
return FALSE;
}
/**
* Funkce kontrolující, zda zadané heslo odpovídá hodnotě uložené v configu
* @param string $password
* @return bool
*/
public function checkInstallationPassword($password)
{
$passwordHash = $this->data['parameters']['install']['password'];
if (Passwords::verify($password, $passwordHash)) {
if (Passwords::needsRehash($password)) {
$this->saveInstallationPassword($password);
}
return true;
}
return false;
}
/**
* @param array $credentials
* @return null|User
* @throws AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$user = $this->users->findOneBy(['email' => $email]);
if (!$user) {
throw new AuthenticationException('Invalid credentials.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $user->password)) {
throw new AuthenticationException('Invalid credentials.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user->password)) {
$user->setPassword($password);
$this->em->flush();
}
return $user;
}
/**
* Performs an authentication.
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$user = $this->usersFacade->findByName($username);
if ($user == null) {
throw new Nette\Security\AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $user->getPassword())) {
throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user->getPassword())) {
$this->usersFacade->update(array('password' => Passwords::hash($password)));
}
$arr = array($user->getUsername(), $user->getEmail(), $user->getDate());
return new Nette\Security\Identity($user->getId(), $user->getRole(), $arr);
}
/**
* Performs an authentication
*
* Partly taken from Nette Sandbox tutorial
*
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$user = $this->database->table('user')->where('email', $email)->fetch();
if (!$user) {
throw new Nette\Security\AuthenticationException('User not found.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $user['password'])) {
throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user['password'])) {
// from Nette Sandbox
$user->update(array('password' => Passwords::hash($password)));
}
return new Nette\Security\Identity($user['id'], 'admin', array('name' => $user->name, 'email' => $user->email));
}
/**
* Performs an authentication.
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$user = $this->findUser($username);
if (!$user) {
throw new Nette\Security\AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!strcmp($password, $user[self::COLUMN_PASSWORD_HASH])) {
throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user[self::COLUMN_PASSWORD_HASH])) {
$user->update(array(self::COLUMN_PASSWORD_HASH => Passwords::hash($password)));
}
$arr = $user->toArray();
unset($arr[self::COLUMN_PASSWORD_HASH]);
return new Nette\Security\Identity($user[self::COLUMN_ID], $user[self::COLUMN_ROLE], $arr);
}
function authenticate(array $credentials)
{
list($email, $password) = $credentials;
/** @var User $user */
$user = $this->em->getRepository(User::class)->findOneBy(array('email' => $email));
if (!$user) {
throw new AuthenticationException("User with e-mail {$email} not found.", self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $user->getPassword())) {
throw new AuthenticationException('Incorrect password.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user->getPassword())) {
$user->setPassword(Passwords::hash($password));
}
$arr = array('email' => $user->getEmail(), 'id' => $user->getId(), 'role' => $user->getRole());
return new Identity($arr['id'], $arr['role'], $arr);
}
/**
* Performs an authentication.
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $qqscredentials)
{
list($sUsername, $sPassword) = $qqscredentials;
$oRow = $this->oDatabase->table(self::TABLE_NAME)->where(self::COLUMN_NAME, $sUsername)->fetch();
if (!$oRow) {
throw new Nette\Security\AuthenticationException('Neplatné heslo.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($sPassword, $oRow[self::COLUMN_PASSWORD_HASH])) {
throw new Nette\Security\AuthenticationException('Neplatné heslo.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($oRow[self::COLUMN_PASSWORD_HASH])) {
$oRow->update(array(self::COLUMN_PASSWORD_HASH => Passwords::hash($sPassword)));
}
$qoData = $oRow->toArray();
unset($qoData[self::COLUMN_PASSWORD_HASH]);
return new Nette\Security\Identity($oRow[self::COLUMN_ID], $this->oDatabase->table(self::TABLE_ROLE_NAME)->select(self::COLL_NAME)->get($oRow[self::COLUMN_TYP])[self::COLL_NAME], $qoData);
}
/**
* Performs an authentication against e.g. database.
* and returns IIdentity on success or throws AuthenticationException
* @return IIdentity
* @throws AuthenticationException
*/
function authenticate(array $credentials)
{
list($username, $password) = $credentials;
foreach ($this->userlist as $name => $pass) {
if (strcasecmp($name, $username) === 0) {
$isNoHashed = Passwords::needsRehash($pass);
if ($isNoHashed and (string) $pass === (string) $password or !$isNoHashed and Passwords::verify($password, $pass)) {
return new Identity($name, isset($this->usersRoles[$name]) ? $this->usersRoles[$name] : NULL);
} else {
throw new AuthenticationException('Invalid password.', self::INVALID_CREDENTIAL);
}
}
}
throw new AuthenticationException("User '{$username}' not found.", self::IDENTITY_NOT_FOUND);
}
/**
* Performs an authentication.
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$user = $this->userRepository->findOneBy(array('username' => $username));
/** @var \App\Model\Entities\UserEntity $user */
if (!$user) {
throw new Nette\Security\AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (Passwords::verify($password, $user->password)) {
throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user->password)) {
$user->password = Passwords::hash($password);
$this->userRepository->save($user);
}
return $user;
}
/**
* @throws Nette\Security\AuthenticationException
* @return Nette\Security\Identity
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$user = $this->userRepository->getByEmail($email);
if (!$user) {
throw new Nette\Security\AuthenticationException($this->translator->translate('locale.sign.incorrect_email'), self::IDENTITY_NOT_FOUND);
} elseif (!$user->isAuthenticated) {
throw new Nette\Security\AuthenticationException($this->translator->translate('locale.sign.authentication_waiting'), self::NOT_APPROVED);
} elseif (!Passwords::verify($password . $user->salt, $user->password)) {
throw new Nette\Security\AuthenticationException($this->translator->translate('locale.sign.incorrect_password'), self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user->password)) {
$this->userRepository->updatePassword($user, $user->password);
}
return $this->updateIdentity($user);
}
/**
* Performs an authentication.
* @param array $credentials
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$row = $this->findByEmail($email);
if (!$row) {
throw new Nette\Security\AuthenticationException(sprintf('Unknown user', $email), self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row['password'])) {
throw new Nette\Security\AuthenticationException('Invalid password', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row['password'])) {
$row->update(['password' => Passwords::hash($password)]);
}
$arr = $row->toArray();
unset($arr['password']);
return new Nette\Security\Identity($row['id'], null, $arr);
}
/**
* Performs an authentication
*
* @param array $credentials
*
* @return Security\Identity|Security\IIdentity
* @throws \Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$row = $this->database->table('users')->where('username ? OR email ?', $username, $username)->where('active', '1')->fetch();
if (!$row) {
throw new Security\AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row->password)) {
throw new Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row->password)) {
$row->update(array('password' => Passwords::hash($password)));
}
$arr = $row->toArray();
unset($arr['password']);
return new Security\Identity($row->id, $row->role, $arr);
}
/**
* Performs an authentication.
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$row = $this->database->table(self::TABLE_NAME)->where(self::COLUMN_NAME, $username)->fetch();
if (!$row) {
throw new Nette\Security\AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row[self::COLUMN_PASSWORD_HASH])) {
throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row[self::COLUMN_PASSWORD_HASH])) {
$row->update([self::COLUMN_PASSWORD_HASH => Passwords::hash($password)]);
}
$arr = $row->toArray();
unset($arr[self::COLUMN_PASSWORD_HASH]);
return new Nette\Security\Identity($row[self::COLUMN_ID], $row[self::COLUMN_ROLE], $arr);
}
/**
* Performs an authentication against e.g. database.
* and returns IIdentity on success or throws AuthenticationException
* @return IIdentity
* @throws AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$user = $this->entityManager->getRepository(User::class)->findOneBy(['email' => $email]);
if ($user === null) {
throw new AuthenticationException('Špatná E-mailová adresa');
}
if (!Passwords::verify($password, $user->getPassword())) {
throw new AuthenticationException('Špatné heslo');
} elseif (Passwords::needsRehash($user->getPassword())) {
$user->password = Passwords::hash($password);
}
$this->onLoggedIn($user, $this->httpRequest->getRemoteAddress());
return new FakeIdentity($user->getId(), get_class($user));
}
/**
* Performs an authentication.
* @param array $credentials
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$row = $this->repository->findOneBy(["email" => $email]);
if (!$row) {
throw new Nette\Security\AuthenticationException('The email is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row['password'])) {
throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row['password'])) {
$row->update(array('password' => Passwords::hash($password)));
}
$arr = $row->toArray();
unset($arr['password']);
return new Nette\Security\Identity($row['id'], $row['role'], $arr);
}
/**
* Performs an authentication against e.g. database.
* and returns IIdentity on success or throws AuthenticationException
* @return IIdentity
* @throws AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$row = $this->userService->getByEmail($email);
if (!$row) {
throw new AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row->password)) {
throw new AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row->password)) {
$this->userService->edit(['password' => Passwords::hash($password)], ['email' => $email]);
}
$row->password = null;
$this->onSignIn($row->email);
return new Identity($row->idUser, null, []);
//TODO: přenášet informace o uživateli?
}
/**
* @param array $credentials
* @return Nette\Security\Identity|Nette\Security\IIdentity
* @throws \Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$password = $this->removeCapsLock($password);
$user = $this->users->findOneBy(['username' => $username]);
if (!$user) {
throw new Nette\Security\AuthenticationException('Uživatelské jméno není správné.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $user->password)) {
throw new Nette\Security\AuthenticationException('Zadané heslo není správné.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($user->password)) {
$user->password = Passwords::hash($password);
$this->users->save($user);
} else {
return new Nette\Security\Identity($user->getId(), $user->role);
}
}
/**
* Performs an authentication.
*
* @return Nette\Security\Identity
*
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$row = $this->connection->query('SELECT * FROM [' . self::TABLE_NAME . '] WHERE', array(self::COLUMN_NAME => $username))->fetch();
if (!$row) {
throw new Nette\Security\AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row[self::COLUMN_PASSWORD_HASH])) {
throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row[self::COLUMN_PASSWORD_HASH])) {
$row->update(array(self::COLUMN_PASSWORD_HASH => Passwords::hash($password)));
}
$arr = $row->toArray();
unset($arr[self::COLUMN_PASSWORD_HASH]);
$roles = $row->role ? explode(',', $row->role) : array('registered');
return new Nette\Security\Identity($row[self::COLUMN_ID], $roles, $arr);
}
/**
* Performs an authentication.
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$row = $this->userDat()->where('nickName = ? OR mail = ?', $username, $username)->fetch();
if (!$row) {
throw new AuthenticationException('Nesprávné uživatelské jméno nebo mail.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row['password'])) {
throw new AuthenticationException('Nesprávné heslo.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row['password'])) {
$row->update(array('password' => Passwords::hash($password)));
} elseif ($row['deleted']) {
throw new AuthenticationException('Zablokovaný účet', self::INVALID_CREDENTIAL);
}
$this->logInToForum($username, $password);
$arr = $row->toArray();
unset($arr['password']);
return new Nette\Security\Identity($row['id'], $row['permissions'], $arr);
}
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$loginData = $this->localLoginModel->getBy(array("user.email" => $username));
if (!$loginData) {
throw new \Nette\Security\AuthenticationException('Neznámé jméno uživatele.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $loginData["password"])) {
throw new \Nette\Security\AuthenticationException('Nesprávné heslo.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($loginData["password"])) {
$this->localLoginModel->update($loginData->user_id, array("password" => Passwords::hash($password)));
}
$identity = $this->buildIdentity($loginData->user_id);
$enabled = $identity->getData()["enabled"];
if (!$enabled) {
throw new \Nette\Security\AuthenticationException('Tento účet je zablokovaný.', self::INACTIVE);
}
$this->user->login($identity);
}
/**
* @param array
* @return \Nette\Security\Identity
* @throws Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
// Find user.
$row = $this->findUser($email);
// Invalid username.
if (!$row) {
throw new Security\AuthenticationException('User not found.', self::IDENTITY_NOT_FOUND);
// Invalid password.
} elseif (!Security\Passwords::verify($password, $row->password)) {
throw new Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
// Re-hash password.
} elseif (Security\Passwords::needsRehash($row->password)) {
$this->rehashPassword($row->id, ['password' => Security\Passwords::hash($password)]);
}
unset($row->password);
return new Security\Identity($row->id, NULL, $row->toArray());
}
/**
* Performs an authentication against e.g. database.
* and returns IIdentity on success or throws AuthenticationException
* @return IIdentity
* @throws AuthenticationException
* @throws InaccessibleAccountException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
$user = $this->usersReader->getUserByEmail($email);
if ($user === null) {
throw new AuthenticationException('Zadali jste špatný email.');
}
if (!Passwords::verify($password, $user->password)) {
throw new AuthenticationException('Zadali jste špatné heslo.');
} elseif (Passwords::needsRehash($user->password)) {
$user->password = Passwords::hash($password);
}
if (!$user->isUserAccountAccessible()) {
throw new InaccessibleAccountException();
// user is banned
}
$this->onLoggedIn($user);
return new FakeIdentity($user->getId(), get_class($user));
}
/**
* Performs an authentication.
* @return Nette\Security\Identity
* @throws Nette\Security\AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
// ActiveRow
$row = $this->findAll(self::TABLE_NAME)->where(self::COLUMN_NAME, $username)->fetch();
if (!$row) {
throw new Nette\Security\AuthenticationException('The login is incorrect.', self::IDENTITY_NOT_FOUND);
} elseif (!Passwords::verify($password, $row[self::COLUMN_PASSWORD_HASH])) {
throw new Nette\Security\AuthenticationException('The login is incorrect.', self::INVALID_CREDENTIAL);
} elseif (Passwords::needsRehash($row[self::COLUMN_PASSWORD_HASH])) {
$row->update(array(self::COLUMN_PASSWORD_HASH => Passwords::hash($password)));
}
$arr = $row->toArray();
$roles = array();
foreach ($row->related('users_roles', 'users_id') as $user_role) {
$roles[] = $user_role->roles->role;
}
unset($arr[self::COLUMN_PASSWORD_HASH]);
return new Nette\Security\Identity($row[self::COLUMN_ID], $roles, $arr);
}
/**
* Performs an authentication against e.g. database.
* and returns IIdentity on success or throws AuthenticationException
* @return IIdentity
* @throws AuthenticationException
*/
public function authenticate(array $credentials)
{
list($email, $password) = $credentials;
try {
$user = $this->userManager->findUserByEmail($email);
} catch (\Exceptions\Runtime\UserNotFoundException $u) {
throw new AuthenticationException('Zadali jste špatný email.');
}
if (!Passwords::verify($password, $user->password)) {
throw new AuthenticationException('Zadali jste špatné heslo.');
} elseif (Passwords::needsRehash($user->password)) {
$user->password = Passwords::hash($password);
$this->userManager->saveUser($user);
}
$info = array('lastLogin' => new \DateTime(), 'lastIP' => $this->httpRequest->getRemoteAddress());
$user->assign($info);
$this->userManager->saveUser($user);
$arr = $user->getData();
unset($arr['password']);
return new Identity($user->userID, $user->role, $arr);
}
/**
* @param array $credentials
* @return Identity
* @throws AuthenticationException
*/
public function authenticate(array $credentials)
{
list($username, $password) = $credentials;
$user = $this->userModel->findBy('username', $username);
$usernameFail = false;
if (!$user) {
$usernameFail = true;
}
if ($usernameFail) {
$user = $this->userModel->findBy('email', $username);
if (!$user) {
throw new AuthenticationException('Špatné přihlašovací jméno nebo email.', self::IDENTITY_NOT_FOUND);
}
}
if (!Passwords::verify($password, $user->password)) {
throw new AuthenticationException('Špatné heslo.', self::INVALID_CREDENTIAL);
}
if (Passwords::needsRehash($user->password)) {
$user->password = $this->db->table('user')->where('id', $user->id)->update(['password' => Passwords::hash($password)])->password;
}
$arr = (array) $user;
unset($arr['password']);
return new Identity($user->id, $user->role, $arr);
}
/**
* If the password was hashed with too small cost, this method can tell you that,
* so you can regenerate the hash with higher cost.
*
* @return bool
*/
public function passwordNeedsRehash()
{
return Passwords::needsRehash($this->password);
}
