private function authenticateWithPassword($login, $passwordHash)
{
$user = $this->userModel->getUser($login);
if (empty($user['login'])) {
return new AuthResult(AuthResult::FAILURE, $login, null);
}
if ($this->passwordHelper->verify($passwordHash, $user['password'])) {
if ($this->passwordHelper->needsRehash($user['password'])) {
$newPasswordHash = $this->passwordHelper->hash($passwordHash);
$this->userModel->updateUser($login, $newPasswordHash, $user['email'], $user['alias'], $user['token_auth']);
}
return $this->authenticationSuccess($user);
}
return new AuthResult(AuthResult::FAILURE, $login, null);
}
/**
* Returns the user's API token.
*
* If the username/password combination is incorrect an invalid token will be returned.
*
* @param string $userLogin Login
* @param string $md5Password hashed string of the password (using current hash function; MD5-named for historical reasons)
* @return string
*/
public function getTokenAuth($userLogin, $md5Password)
{
UsersManager::checkPasswordHash($md5Password, Piwik::translate('UsersManager_ExceptionPasswordMD5HashExpected'));
$user = $this->model->getUser($userLogin);
if (!$this->password->verify($md5Password, $user['password'])) {
return md5($userLogin . microtime(true) . Common::generateUniqId());
}
if ($this->password->needsRehash($user['password'])) {
$this->updateUser($userLogin, $this->password->hash($md5Password));
}
return $user['token_auth'];
}
