app/Auth/Database.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

<?php

namespace Auth;

use Model\User;

/**
 * Database authentication
 *
 * @package  auth
 * @author   Frederic Guillot
 */
class Database extends Base
{
    /**
     * Backend name
     *
     * @var string
     */
    const AUTH_NAME = 'Database';

    /**
     * Authenticate a user
     *
     * @access public
     * @param  string  $username  Username
     * @param  string  $password  Password
     * @return boolean
     */
    public function authenticate($username, $password)
    {
        $user = $this->db->table(User::TABLE)->eq('username', $username)->eq('is_ldap_user', 0)->findOne();

        if ($user && password_verify($password, $user['password'])) {

            // Update user session
            $this->user->updateSession($user);

            // Update login history
            $this->lastLogin->create(
                self::AUTH_NAME,
                $user['id'],
                $this->user->getIpAddress(),
                $this->user->getUserAgent()
            );

            return true;
        }

        return false;
    }
}