/** * */ public function attempt($records) { $password_field = config()->app->auth->password_field; if (isset($records[$password_field]) == false) { throw new Exception('Password field not found!'); } # - get the password information $password = $records[$password_field]; unset($records[$password_field]); # - build the conditions $conditions = null; $first = true; foreach ($records as $key => $record) { if (!$first) { $conditions .= 'AND'; } $conditions .= " {$key} = :{$key}: "; $first = false; } # - find the informations provided in the $records $auth_model = config()->app->auth->model; $records = $auth_model::find([$conditions, 'bind' => $records])->getFirst(); # - check if there is no record, then return false if (!$records) { return false; } # - now check if the password given is matched with the # existing password recorded. if (Security::checkHash($password, $records->{$password_field})) { Session::set('isAuthenticated', true); Session::set('user', $records); return true; } return false; }
public function load() { if (Request::isPost()) { if (Security::checkToken() == false) { # - throw exception or redirect the user # or render a content using # View::take(<resources.view>);exit; throw new AccessNotAllowedException('What are you doing?'); } } }