/**
* Try to authenticate.
*
* @return Result
*/
public function authenticate()
{
$mapper = $this->getMapper();
$user = $mapper->findByLogin($this->login);
if (null === $user) {
return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null, []);
}
$mapper->detach($user);
if ($this->userService->loginAttemptsExceeded(LoginAttempt::TYPE_NORMAL, $user)) {
return new Result(Result::FAILURE, null, []);
}
if (!$this->verifyPassword($this->password, $user->getPassword(), $user)) {
$this->userService->logFailedLogin($user, LoginAttempt::TYPE_NORMAL);
return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, []);
}
return new Result(Result::SUCCESS, $user);
}
/**
* Try to authenticate.
*
* @return Result
*/
public function authenticate()
{
$mapper = $this->getMapper();
$user = $mapper->findByLogin($this->lidnr);
if (null === $user) {
return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null, []);
}
if ($this->userService->loginAttemptsExceeded(LoginAttempt::TYPE_PIN, $user)) {
return new Result(Result::FAILURE, null, []);
}
if (!$this->verifyPincode($user)) {
$this->userService->logFailedLogin($user, LoginAttempt::TYPE_PIN);
return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, []);
}
/**
* Users logging in in this way should not have all their regular roles. Since this login
* method is less secure.
*/
$userRole = new UserRoleModel();
$userRole->setRole('sosuser');
$userRole->setLidnr($this->lidnr);
$user->setRoles([$userRole]);
return new Result(Result::SUCCESS, $user);
}
