/** * Check Password * * Check that the password supplied to this method equates to the same password hash that is stored in the * database for the user identified by the current (this) model instance. * * @access public * @param string $password * @return boolean */ public function password($password) { $phpass = new \Phpass\Hash(); return $phpass->checkPassword($password, $this->password); }
private function _handleLogin() { $errors = array(); if (empty($_POST['username'])) { $errors['username'] = '******'; } if (empty($_POST['password'])) { $errors['password'] = '******'; } if (empty($errors)) { $existing = $this->userDAO->selectByUsername($_POST['username']); if (!empty($existing)) { $hasher = new \Phpass\Hash(); if ($hasher->checkPassword($_POST['password'], $existing['password'])) { $_SESSION['user'] = $existing; $this->redirect('backbone.html'); } else { $_SESSION['error'] = 'Unknown username / password'; } } else { $_SESSION['error'] = 'Unknown username / password'; } } else { $_SESSION['error'] = 'Unknown username / password'; } $this->set('errors', $errors); }
<?php $userDAO = new UserDAO(); $app->post('/login/?', function () use($app, $userDAO) { header("Content-Type: application/json"); $post = $app->request->post(); if (empty($post)) { $post = (array) json_decode($app->request()->getBody()); } if (!empty($post['email']) && !empty($post['password'])) { $user = $userDAO->selectByEmail($post['email']); if (!empty($user)) { $hasher = new \Phpass\Hash(); if ($hasher->checkPassword($post['password'], $user['password'])) { $user = $userDAO->selectById($user['id']); $user["loggedIn"] = true; $_SESSION['user'] = $user; echo json_encode($user, JSON_NUMERIC_CHECK); } else { echo '{"error":"Fout wachtwoord."}'; } } else { echo '{"error":"Foute gebruiker."}'; } } else { echo '{"error":"Vul alles in..."}'; } });