/** * Attempt to log a user into the application with password and * identity field(s), usually email or username. * * @param array $input Array containing at least 'username' or 'email' and 'password'. * Optionally the 'remember' boolean. * @param bool $mustBeConfirmed If true, the user must have confirmed his email account in order to log-in. * * @return bool Success. */ public function logAttempt(array $input, $mustBeConfirmed = true) { $remember = $this->extractRememberFromArray($input); $emailOrUsername = $this->extractIdentityFromArray($input); if (!$this->loginThrottling($emailOrUsername)) { return false; } $user = $this->repo->getUserByEmailOrUsername($emailOrUsername); if ($user) { if (!$user->confirmed && $mustBeConfirmed) { return false; } $correctPassword = $this->app->make('hash')->check(isset($input['password']) ? $input['password'] : false, $user->password); if (!$correctPassword) { return false; } $this->app->make('auth')->login($user, $remember); return true; } return false; }