/** * Try to log the current user in by email and password * * @param string $username * @param string $password * * @return false|Kanso\Auth\Helper\User */ public function login($username, $password) { # Get the user's row by the username $user = \Kanso\Kanso::getInstance()->Database()->Builder()->SELECT('*')->FROM('users')->WHERE('username', '=', $username)->ROW(); # Validate the user exists if (!$user || empty($user)) { return false; } # Validate the user is activated if ($user['status'] !== 'confirmed') { return false; } # Save the hashed password $hashedPass = utf8_decode($user['hashed_pass']); # Compare the hashed password to the provided password if (\Kanso\Security\Encrypt::verify($password, $hashedPass)) { $this->logClientIn($user); return $user; } return false; }