/** * Attempt to authenticate the username and password pair. * * @return string|boolean A string containing a username if authentication is successful, false otherwise. * * @since 1.0 */ public function authenticate() { $method = $this->input->getMethod(); $username = $this->input->{$method}->get('username', false, 'username'); $password = $this->input->{$method}->get('password', false, 'raw'); if (!$username || !$password) { $this->status = Authentication::NO_CREDENTIALS; return false; } if (!isset($this->credentialStore[$username])) { $this->status = Authentication::NO_SUCH_USER; return false; } $hash = $this->credentialStore[$username]; if (!password_verify($password, $hash)) { $this->status = Authentication::INVALID_CREDENTIALS; return false; } $this->status = Authentication::SUCCESS; return $username; }