public function verify($username, $password)
{
$credentials = ['username' => $username, 'password' => $password];
$person = new Person();
$resp = $person->getUsername($credentials['username']);
if (!empty($resp)) {
if (\Hash::check($credentials['password'], $resp['password'])) {
$auth = true;
} else {
//check for old hashing
if (md5($credentials['password']) == $resp['password']) {
//convert old pass to new hashing
$resp['password'] = bcrypt($credentials['password']);
$id = my_encode($resp['id']);
$person->update($id, $resp);
$auth = true;
} else {
$auth = false;
}
}
} else {
//invalid user
$auth = false;
}
if ($auth) {
$result = $person->respondWithItem($resp, new UserTransformer());
session()->put('user', $result);
return my_decode($resp['id']);
}
return false;
}
/**
* Authenticate user
* @param Request $request
*/
public function attempt(LoginRequest $request)
{
$params = $request->only('username', 'password');
$person = new Person();
$resp = $person->getUsername($params['username']);
if (!empty($resp)) {
if (\Hash::check($params['password'], $resp['password'])) {
$request->session()->put('user', ['id' => $resp['id'], 'username' => $resp['username'], 'role' => $resp['role'], 'disp_name' => $resp['role'] == 'A' ? 'Administrator' : $resp['first_name'] . ' ' . $resp['last_name']]);
$message = 'success';
} else {
//check for old hashing
if (md5($params['password']) == $resp['password']) {
//convert old pass to new hashing
$resp['password'] = bcrypt($params['password']);
$id = 'person_' . $resp['id'];
$person->update($id, $resp);
$request->session()->put('user', ['id' => $resp['id'], 'username' => $resp['username'], 'role' => $resp['role'], 'disp_name' => $resp['role'] == 'A' ? 'Administrator' : $resp['first_name'] . ' ' . $resp['last_name']]);
$message = 'success';
} else {
//invalid password
$message = 'invalid';
}
}
} else {
//invalid user
$message = 'invalid';
}
return response(['login_status' => $message]);
}
