Example #1
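 /**
  * Authenticate a user given the username/password credentials
  *
  * The account-status check and the configured restrictions are evaluated before
  * the password is verified; they report failure by throwing, not by returning false.
  *
  * @param array $credentials Credential information (must include "username" and "password")
  * @param boolean $remember Flag to activate the "remember me" functionality
  * @return boolean Pass/fail of authentication (the result of the password check)
  * @throws Exception\UserInactiveException If the matched user's status is inactive
  * @throws Exception\RestrictionFailedException If any restriction evaluates to false
  */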
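 public static function authenticate(array $credentials, $remember = false)
 {
     // Read both keys defensively: a missing key becomes null and fails the
     // password check below instead of raising an undefined-index notice.
     $username = isset($credentials['username']) ? $credentials['username'] : null;
     $password = isset($credentials['password']) ? $credentials['password'] : null;

     $user = new UserModel(self::$datasource);
     $user->findByUsername($username);
     self::getLogger()->info('Authenticating user.', array('username' => $username));

     // If they're inactive, they can't log in.
     // NOTE(review): this is raised before the password is verified, so the
     // exception tells anyone who submits the username that the account exists
     // and is inactive. Callers should map it to the same generic failure
     // response they show for a wrong password.
     if ($user->status === UserModel::STATUS_INACTIVE) {
         self::getLogger()->error('User is inactive and cannot login.', array('username' => $username));
         throw new Exception\UserInactiveException('User "' . $username . '" is inactive and cannot log in.');
     }

     // Build the restriction list for this attempt only. The per-user throttle
     // goes into a local copy: appending it to the static self::$restrictions
     // would keep one user's throttle in the list for every later
     // authenticate() call made in the same process.
     $restrictions = self::$restrictions;
     $instance = null;
     if (self::$throttleStatus === true) {
         $instance = new \Psecio\Gatekeeper\Restrict\Throttle(array('userId' => $user->id));
         $restrictions[] = $instance;
     }

     // Check any restrictions; the first one that fails aborts the attempt.
     if (!empty($restrictions)) {
         foreach ($restrictions as $restriction) {
             if ($restriction->evaluate() === false) {
                 $restrictionClass = get_class($restriction);
                 self::getLogger()->error('Restriction failed.', array('restriction' => $restrictionClass));
                 throw new Exception\RestrictionFailedException('Restriction ' . $restrictionClass . ' failed.');
             }
         }
     }

     // Verify the password. Only string values reach password_verify(): request
     // input can arrive as an array or be missing, and a user that was not found
     // presumably has no stored hash (confirm against UserModel). All of those
     // count as a failed check rather than a type error.
     // NOTE(review): when no hash is present no hashing work is done, so the
     // response may be faster than for an existing account; consider verifying
     // against a fixed dummy hash if username enumeration by timing matters.
     $hash = $user->password;
     $result = is_string($password)
         && is_string($hash)
         && $hash !== ''
         && password_verify($password, $hash);

     if ($result !== true) {
         // Record the failure so repeated bad attempts are visible in the log.
         self::getLogger()->error('User login failed.', array('username' => $username));
         return false;
     }

     // Success handling no longer depends on throttling being enabled. It used to
     // be gated on self::$throttleStatus, so with throttling off the last-login
     // update and "remember me" were silently skipped.
     self::getLogger()->info('User login verified.', array('username' => $username));

     // If throttling is enabled, set the user back to allow
     if ($instance !== null) {
         $instance->model->allow();
     }
     $user->updateLastLogin();

     if ($remember === true) {
         self::getLogger()->info('Activating remember me.', array('username' => $username));
         self::rememberMe($user);
     }

     return true;
 }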