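/**
 * Perform the authorisation request.
 *
 * Loads the record matching the identity, verifies the supplied credential
 * against it and, on success, stores and returns the value of the
 * identity-key column of that record.
 *
 * @return mixed|false value of the identity-key column on success; false when
 *                     no record matches the identity or the credential does
 *                     not match
 */
public function authenticate()
{
    $credential = $this->getCredential();
    Assert::isNotEmpty($credential, "You must set a password before authentication");
    $identity = $this->getIdentity();
    Assert::isNotEmpty($identity, "You must set an username before authentication");

    // Load the user record by identity, if it exists.
    $criteria = new Criteria(Restriction::is($this->identityColumn, $identity));
    $records = TableGateway::loadMatching($this->table, $criteria);
    if ($records->count() == 0) {
        return false;
    }

    /** @var $user Customer */
    $user = $records->current();

    // Column names are copied into locals before being used as dynamic
    // property names on the record.
    $credentialColumn = $this->credentialColumn;
    $credentialSaltColumn = $this->credentialSaltColumn;
    $slatedCredentialColumn = $this->slatedCredentialColumn;

    // Use the salted check only when both salted columns are configured and
    // the record actually carries a salt and a salted credential.
    $useSalted = !empty($credentialSaltColumn)
        && !empty($slatedCredentialColumn)
        && !empty($user->{$credentialSaltColumn})
        && !empty($user->{$slatedCredentialColumn});

    if ($useSalted) {
        $authenticated = SaltPasswordManager::checkPasswordWithHash(
            $user->{$slatedCredentialColumn},
            $user->{$credentialSaltColumn},
            $this->credential
        );
    } else {
        // Legacy path: no salt on the record. When $this->hash is set the
        // supplied value is the original password and must be hashed first;
        // otherwise it is compared as given.
        // NOTE(review): generateSimpleHash's algorithm is not visible here;
        // confirm how long records are expected to stay on this path.
        if ($this->hash) {
            $credential = SaltPasswordManager::generateSimpleHash($this->credential);
        } else {
            $credential = $this->credential;
        }

        // Compare as strings, in constant time where available. A loose `==`
        // converts numeric-looking strings to numbers, so two different
        // stored/supplied values could be treated as equal.
        $stored = (string) $user->{$credentialColumn};
        $supplied = (string) $credential;
        $authenticated = function_exists('hash_equals')
            ? hash_equals($stored, $supplied)
            : $stored === $supplied;

        // Authenticated with the original password in hand (i.e. not an
        // auto-login style call): upgrade the record to a salted credential
        // when the salted columns are configured.
        if ($authenticated && $this->hash) {
            if (!empty($credentialSaltColumn) && !empty($slatedCredentialColumn)) {
                list($password, $hash) = SaltPasswordManager::generateSaltedPassword($this->credential);
                $this->addSalt($user, $password, $hash);
            }
        }
    }

    if (empty($authenticated)) {
        return false;
    }

    return $this->authorisedId = $records->current()->__get($this->identityKey);
}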