/**
* This method is called when a user could not be authenticated, and
* authentication was required for the current request.
*
* This gives you the opportunity to set authentication headers. The 401
* status code will already be set.
*
* In this case of Basic Auth, this would for example mean that the
* following header needs to be set:
*
* $response->addHeader('WWW-Authenticate', 'Basic realm=SabreDAV');
*
* Keep in mind that in the case of multiple authentication backends, other
* WWW-Authenticate headers may already have been set, and you'll want to
* append your own WWW-Authenticate header instead of overwriting the
* existing one.
*
* @param RequestInterface $request
* @param ResponseInterface $response
*/
public function challenge(RequestInterface $request, ResponseInterface $response)
{
$auth = new Auth\BasicAuth($this->realm, $request, $response, $this->user_manager);
$userpass = $auth->getCredentials($this->encoder_service);
if (!$userpass) {
$auth->requireLogin();
}
// Authenticates the user
if (!$this->validateUserPass($userpass[0], $userpass[1])) {
$auth->requireLogin();
}
$this->currentUser = $userpass[0];
$request->setCurrentUsername($this->currentUser);
}
