/**
* Authorize an email/password
*
* @param string $email
* @param string $password
* @return object | bool
*/
public function authorizeLogin($email, $password)
{
// check if the email exists
$util = $this->getService('util');
$user = \Db\Sql\Users::findByEmail($email)->getFirst();
if (!$user || !valid($user->email, STRING)) {
$util->addMessage('Email and password do not match', ERROR);
return FALSE;
}
// hash the plaintext password and compare it against the
// database password.
$security = $this->getService('security');
if (!$security->checkHash($password, $user->password)) {
$util->addMessage('Email and password do not match', ERROR);
return FALSE;
}
return $user;
}
