/**
 * Authenticate a user by username and password and start a session for them.
 *
 * Looks the user up with a parameterized DQL query, checks the 'login'
 * permission, stores the user id in the session and, when requested,
 * issues an autologin token cookie that expires in one year.
 *
 * @access public
 * @param string  $username  login name, bound as a query parameter
 * @param string  $password  plain-text password; hashed with md5() before comparison
 * @param boolean $autologin when truthy, create an autologin token and cookie
 * @return \CB\Entity\User the authenticated user, also stored in self::$_sessionUser
 * @throws \CB\Service\Exception if the lookup throws or the user may not sign in
 */
public function login($username, $password, $autologin = false)
{
    // NOTE(review): the password is matched as an unsalted MD5 digest inside
    // the query. MD5 is a fast hash and not suitable for password storage;
    // moving to password_hash()/password_verify() requires a lookup by
    // username only plus a migration of the stored hashes, so it is left
    // unchanged here.
    $dql = 'SELECT u from \\CB\\Entity\\User u WHERE u.username = :username AND u.password = :password';
    $credentials = array(
        'username' => $username,
        'password' => md5($password),
    );

    $lookup = $this->getEntityManager()->createQuery($dql);
    $lookup->setParameters($credentials);

    // NOTE(review): every exception from the lookup, including database or
    // mapping failures, is reported as bad credentials; confirm such failures
    // are logged somewhere, otherwise an outage looks like failed logins.
    try {
        $account = $lookup->getSingleResult();
    } catch (\Exception $e) {
        throw new \CB\Service\Exception('Invalid username and/or password!');
    }

    // refuse accounts that lack the 'login' permission
    $mayLogin = $this->can($account, 'login');
    if (!$mayLogin) {
        throw new \CB\Service\Exception('User does not have permission to sign in!');
    }

    // NOTE(review): no session id regeneration is visible in this method;
    // confirm \CB\Session or the caller rotates the id at login (session
    // fixation).
    \CB\Session::set('userId', $account->getId());

    if ($autologin) {
        $token = $this->getService('Token')->create($account->getId(), \CB\Service\Token::AUTOLOGIN);

        // a null token means none was created, so no cookie is set
        if (null !== $token) {
            // NOTE(review): the token id is the cookie value; confirm it is
            // unguessable and that \CB\Cookie::set applies Secure/HttpOnly --
            // neither is visible from here.
            $lifetime = new \DateInterval('P1Y');
            $expiry = new \DateTime();
            $expiry->add($lifetime);

            \CB\Cookie::set('autologin', $token->getId(), $expiry->getTimestamp());
        }
    }

    // remember the authenticated user and hand it back to the caller
    return self::$_sessionUser = $account;
}