public function index() { $username = Input::instance()->post("user"); $password = Input::instance()->post("password"); $user = identity::lookup_user_by_name($username); if (empty($user) || !identity::is_correct_password($user, $password)) { throw new Rest_Exception("Forbidden", 403); } $key = rest::get_access_token($user->id); rest::reply($key->access_key); }
public function index() { $username = Input::instance()->post("user"); $password = Input::instance()->post("password"); if (empty($username) || auth::too_many_failures($username)) { throw new Rest_Exception("Forbidden", 403); } $user = identity::lookup_user_by_name($username); if (empty($user) || !identity::is_correct_password($user, $password)) { module::event("user_login_failed", $username); throw new Rest_Exception("Forbidden", 403); } auth::login($user); rest::reply(rest::access_key()); }
private function _authenticate() { $auth = new Sabre_HTTP_BasicAuth(); $auth->setRealm(item::root()->title); $authResult = $auth->getUserPass(); list($username, $password) = $authResult; if (!$username || !$password) { $auth->requireLogin(); return false; } $user = identity::lookup_user_by_name($username); if (empty($user) || !identity::is_correct_password($user, $password)) { $auth->requireLogin(); return false; } identity::set_active_user($user); return true; }
private function _auth($url) { $form = auth::get_login_form($url); $valid = $form->validate(); if ($valid) { $user = identity::lookup_user_by_name($form->login->inputs["name"]->value); if (empty($user) || !identity::is_correct_password($user, $form->login->password->value)) { log::warning("user", t("Failed login for %name", array("name" => $form->login->inputs["name"]->value))); $form->login->inputs["name"]->add_error("invalid_login", 1); $valid = false; } } if ($valid) { auth::login($user); } // Either way, regenerate the session id to avoid session trapping Session::instance()->regenerate(); return array($valid, $form); }
public function __construct($name, $pass) { $user = identity::lookup_user_by_name($name); $this->result = identity::is_correct_password($user, $pass); }
static function valid_password($password_input) { if (!identity::is_correct_password(identity::active_user(), $password_input->value)) { $password_input->add_error("invalid_password", 1); } }