/**
* Load user by credentials.
*
* @access public
* @param string $username
* @param string $password
* @param boolean $autologin
* @return void
* @throws \CB\Service\Exception
*/
public function login($username, $password, $autologin = false)
{
// load user
$query = $this->getEntityManager()->createQuery('SELECT u from \\CB\\Entity\\User u WHERE u.username = :username AND u.password = :password');
$query->setParameters(array('username' => $username, 'password' => md5($password)));
try {
$User = $query->getSingleResult();
} catch (\Exception $e) {
throw new \CB\Service\Exception('Invalid username and/or password!');
}
// check permission
if (!$this->can($User, 'login')) {
throw new \CB\Service\Exception('User does not have permission to sign in!');
}
// set session userId
\CB\Session::set('userId', $User->getId());
// autologin
if ($autologin) {
// create token
if (null !== ($Token = $this->getService('Token')->create($User->getId(), \CB\Service\Token::AUTOLOGIN))) {
// create autologin cookie
$expires = new \DateTime();
$expires->add(new \DateInterval('P1Y'));
\CB\Cookie::set('autologin', $Token->getId(), $expires->getTimestamp());
}
}
// set session user
self::$_sessionUser = $User;
// return session user
return self::$_sessionUser;
}
