Exemplo n.º 1
0
 public function login($username, $password, \Espo\Entities\AuthToken $authToken = null)
 {
     if ($authToken) {
         $hash = $authToken->get('hash');
     } else {
         $hash = $this->getPasswordHash()->hash($password);
     }
     $user = $this->getEntityManager()->getRepository('User')->findOne(array('whereClause' => array('userName' => $username, 'password' => $hash)));
     return $user;
 }
Exemplo n.º 2
0
 /**
  * Login by authorization token
  *
  * @param  string $username
  * @param  \Espo\Entities\AuthToken $authToken
  * @return \Espo\Entities\User | null
  */
 protected function loginByToken($username, \Espo\Entities\AuthToken $authToken = null)
 {
     if (!isset($authToken)) {
         return null;
     }
     $userId = $authToken->get('userId');
     $user = $this->getEntityManager()->getEntity('User', $userId);
     $tokenUsername = $user->get('userName');
     if ($username != $tokenUsername) {
         $GLOBALS['log']->alert('Unauthorized access attempt for user [' . $username . '] from IP [' . $_SERVER['REMOTE_ADDR'] . ']');
         return null;
     }
     $user = $this->getEntityManager()->getRepository('User')->findOne(array('whereClause' => array('userName' => $username)));
     return $user;
 }