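/**
 * Authenticate user.
 *
 * For a visitor who is not yet authenticated, the submitted password is
 * verified and, on success, the user is stored in the session and the
 * remember-me cookie is created or cleared. In every case the result is
 * finally gated on the 'site.login' ACL, so an already-authenticated user
 * who lacks that permission is reported as not authenticated.
 *
 * @param array $form Form fields (presumably raw request data; treat as untrusted).
 *
 * @return bool True only when the user is both authenticated and authorized for 'site.login'.
 */
protected function authenticate($form)
{
    /** @var User $user */
    $user = $this->grav['user'];

    if (!$user->authenticated) {
        // Without a form username, fall back to whatever the remember-me handler returns.
        $username = isset($form['username']) ? $form['username'] : $this->rememberMe->login();

        // Normal login process
        $user = User::find($username);

        // The password check runs for form logins only: a username obtained from
        // the remember-me handler is looked up but never marked authenticated here.
        if ($user->exists() && !empty($form['username']) && !empty($form['password'])) {
            // Authenticate user
            $user->authenticated = $user->authenticate($form['password']);

            // Only persist the user once the password matched AND the ACL allows login.
            if ($user->authenticated && $user->authorize('site.login')) {
                // NOTE(review): no session id regeneration is visible in this method;
                // confirm it happens elsewhere on login to rule out session fixation.
                $this->grav['session']->user = $user;
                unset($this->grav['user']);
                $this->grav['user'] = $user;

                if (!empty($form['rememberme'])) {
                    // If the user wants to be remembered, create Rememberme cookie.
                    // NOTE(review): the cookie is keyed on the raw form username while the
                    // cleanup below uses $user->get('username'); confirm both always match.
                    $this->rememberMe->createCookie($form['username']);
                } else {
                    // Opting out drops the cookie and every stored remember-me triplet.
                    $this->rememberMe->clearCookie();
                    $this->rememberMe->getStorage()->cleanAllTriplets($user->get('username'));
                }
            }
        }
    }

    // Authorize against user ACL. This single check covers both the fresh-login and
    // the already-authenticated path; the former `else` branch made the same call
    // and its result was overwritten here before being read.
    $user_authorized = $user->authorize('site.login');
    $user->authenticated = $user->authenticated && $user_authorized;

    return $user->authenticated;
}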