/** * Authenticates a user if given the correct username and password. * * @param Request $request The HTTP Request object. * @param Response $response The HTTP Response object. * @param array $args The array containing arguments provided. * * @return string The message from the authentication process. */ public function authenticate(Request $request, Response $response, array $args) { //get post variables from request body $post = $request->getParams(); //validate post variables (exist, and as expected) /** @var Validator $v */ $v = new Validator($post); $v->rule('required', ['username', 'password']); $ret = array(); //if validation fails, exit, else authenticate if ($v->validate()) { if (password_verify($post['password'], $this->dbService->getPassword($post['username']))) { $user = $this->dbService->getUser($post['username']); if ($user) { if ($this->dbService->hasVerified($post['username'])) { $remember = $post['remember']; $this->startSession($user, $remember); $ret['success'] = true; $ret['message'] = "authenticated"; } else { $ret['success'] = false; $ret['message'] = "This account has not yet been verified."; } } else { $ret['success'] = false; $ret['message'] = "Incorrect username and/or password"; } } else { $ret['success'] = false; $ret['message'] = "Incorrect username and/or password"; } } else { $ret['success'] = true; $ret['message'] = "Please enter your username and password."; } return json_encode($ret); }
/** * @depends testUserIsNotVerifiedOnInsert * @param $data array * @return mixed */ public function testCanVerifyUser($data) { $this->dbService->verifyUser($data['key']); $this->assertTrue($this->dbService->hasVerified($data['username'])); return $data; }