public function login($username, $password, \Espo\Entities\AuthToken $authToken = null)
{
if ($authToken) {
$hash = $authToken->get('hash');
} else {
$hash = $this->getPasswordHash()->hash($password);
}
$user = $this->getEntityManager()->getRepository('User')->findOne(array('whereClause' => array('userName' => $username, 'password' => $hash)));
return $user;
}
/**
* Login by authorization token
*
* @param string $username
* @param \Espo\Entities\AuthToken $authToken
* @return \Espo\Entities\User | null
*/
protected function loginByToken($username, \Espo\Entities\AuthToken $authToken = null)
{
if (!isset($authToken)) {
return null;
}
$userId = $authToken->get('userId');
$user = $this->getEntityManager()->getEntity('User', $userId);
$tokenUsername = $user->get('userName');
if ($username != $tokenUsername) {
$GLOBALS['log']->alert('Unauthorized access attempt for user [' . $username . '] from IP [' . $_SERVER['REMOTE_ADDR'] . ']');
return null;
}
$user = $this->getEntityManager()->getRepository('User')->findOne(array('whereClause' => array('userName' => $username)));
return $user;
}
