/**
* Authenticate an application using a one-time application password.
* Creates a token to be used for subsequent requests.
*
* @param framework\Request $request
*/
public function runAuthenticate(framework\Request $request)
{
framework\Logging::log('Authenticating new application password.', 'api', framework\Logging::LEVEL_INFO);
$username = trim($request['username']);
$password = trim($request['password']);
if ($username) {
$user = tables\Users::getTable()->getByUsername($username);
if ($password && $user instanceof entities\User) {
// Generate token from the application password
$token = entities\ApplicationPassword::createToken($password);
// Crypt, for comparison with db value
$hashed_token = entities\User::hashPassword($token, $user->getSalt());
foreach ($user->getApplicationPasswords() as $app_password) {
// Only return the token for new application passwords!
if (!$app_password->isUsed()) {
if ($app_password->getHashPassword() == $hashed_token) {
$app_password->useOnce();
$app_password->save();
return $this->renderJSON(array('token' => $token, 'name' => $app_password->getName(), 'created_at' => $app_password->getCreatedAt()));
}
}
}
}
framework\Logging::log('No password matched.', 'api', framework\Logging::LEVEL_INFO);
}
$this->getResponse()->setHttpStatus(400);
return $this->renderJSON(array('error' => 'Incorrect username or application password'));
}
