/** * Try to authenticate. * * @return Result */ public function authenticate() { $mapper = $this->getMapper(); $user = $mapper->findByLogin($this->login); if (null === $user) { return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null, []); } $mapper->detach($user); if ($this->userService->loginAttemptsExceeded(LoginAttempt::TYPE_NORMAL, $user)) { return new Result(Result::FAILURE, null, []); } if (!$this->verifyPassword($this->password, $user->getPassword(), $user)) { $this->userService->logFailedLogin($user, LoginAttempt::TYPE_NORMAL); return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, []); } return new Result(Result::SUCCESS, $user); }
/** * Try to authenticate. * * @return Result */ public function authenticate() { $mapper = $this->getMapper(); $user = $mapper->findByLogin($this->lidnr); if (null === $user) { return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null, []); } if ($this->userService->loginAttemptsExceeded(LoginAttempt::TYPE_PIN, $user)) { return new Result(Result::FAILURE, null, []); } if (!$this->verifyPincode($user)) { $this->userService->logFailedLogin($user, LoginAttempt::TYPE_PIN); return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, []); } /** * Users logging in in this way should not have all their regular roles. Since this login * method is less secure. */ $userRole = new UserRoleModel(); $userRole->setRole('sosuser'); $userRole->setLidnr($this->lidnr); $user->setRoles([$userRole]); return new Result(Result::SUCCESS, $user); }