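/**
 * Authenticate a user given the username/password credentials
 *
 * Order of checks: the user is looked up by username, an inactive account is
 * rejected, every registered restriction (plus a throttle restriction when
 * throttling is enabled) is evaluated, and only then is the password verified.
 * On success the throttle model is set back to allow, updateLastLogin() is
 * called on the user and, when requested, "remember me" is activated.
 *
 * @param array $credentials Credential information (must include "username" and "password")
 * @param boolean $remember Flag to activate the "remember me" functionality
 * @throws Exception\UserInactiveException If the user's status is inactive
 * @throws Exception\RestrictionFailedException If any restriction evaluates to false
 * @return boolean Pass/fail of authentication
 */
public static function authenticate(array $credentials, $remember = false)
{
    $username = $credentials['username'];
    $logContext = array('username' => $username);

    $user = new UserModel(self::$datasource);
    $user->findByUsername($username);

    self::getLogger()->info('Authenticating user.', $logContext);

    // If they're inactive, they can't log in.
    // NOTE(review): this check runs before the password is verified, so the
    // dedicated exception tells an unauthenticated caller that the account
    // exists and is inactive. Callers should map it to the same generic
    // failure message they show for a wrong password.
    if ($user->status === UserModel::STATUS_INACTIVE) {
        self::getLogger()->error('User is inactive and cannot login.', $logContext);
        throw new Exception\UserInactiveException('User "' . $username . '" is inactive and cannot log in.');
    }

    // Handle some throttle logic, if it's turned on
    $instance = null;
    if (self::$throttleStatus === true) {
        // Set up our default throttle restriction.
        // NOTE(review): self::$restrictions is static and receives a new
        // Throttle on every call, so in a long-lived process an earlier
        // user's throttle is evaluated again for later users. Left as-is
        // because other code may read this list - confirm and scope it
        // per call if nothing else depends on it.
        $instance = new \Psecio\Gatekeeper\Restrict\Throttle(array('userId' => $user->id));
        self::$restrictions[] = $instance;
    }

    // Check any restrictions; the first one that fails aborts the attempt
    if (!empty(self::$restrictions)) {
        foreach (self::$restrictions as $restriction) {
            if ($restriction->evaluate() === false) {
                self::getLogger()->error('Restriction failed.', array('restriction' => get_class($restriction)));
                throw new Exception\RestrictionFailedException('Restriction ' . get_class($restriction) . ' failed.');
            }
        }
    }

    // Verify the password!
    $result = password_verify($credentials['password'], $user->password);

    if ($result !== true) {
        // Record the failure so repeated bad attempts are visible in the logs
        self::getLogger()->error('User login failed.', $logContext);
        return $result;
    }

    // Success handling applies to every verified login. Previously it was
    // gated on throttling being enabled, which meant that with throttling
    // off the last login was never updated and "remember me" was ignored.
    self::getLogger()->info('User login verified.', $logContext);

    // If throttling is enabled, set the user back to allow
    if ($instance !== null) {
        $instance->model->allow();
    }

    $user->updateLastLogin();

    if ($remember === true) {
        self::getLogger()->info('Activating remember me.', $logContext);
        self::rememberMe($user);
    }

    return $result;
}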