container['dispatcher']->dispatch('app.bootstrap'); if ($this->isUserAuthenticated($username, $password)) { $this->checkProcedurePermission(true, $method); $this->userSession->initialize($this->user->getByUsername($username)); } elseif ($this->isAppAuthenticated($username, $password)) { $this->checkProcedurePermission(false, $method); } else { throw new AuthenticationFailure('Wrong credentials'); } } /** * Check user credentials * * @access public * @param string $username * @param string $password * @return boolean */ private function isUserAuthenticated($username, $password) { return $username !== 'jsonrpc' && ! $this->userLocking->isLocked($username) && $this->authenticationManager->passwordAuthentication($username, $password); } /** * Check administrative credentials * * @access public * @param string $username * @param string $password * @return boolean */ private function isAppAuthenticated($username, $password) { return $username === 'jsonrpc' && $password === $this->config->get('api_token'); } }