mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-04 15:17:28 +02:00

Add support for sign in via username to 'authenticateUserInternal'

Marco
2017-02-20 21:32:45 +01:00
parent 495a87d499
commit 690485ba6d


@@ -265,7 +265,7 @@ class Auth {
* @throws AuthError if an internal problem occurred (do *not* catch) * @throws AuthError if an internal problem occurred (do *not* catch)
*/ */
public function login($email, $password, $rememberDuration = null) { public function login($email, $password, $rememberDuration = null) {
$this->authenticateUserInternal($password, $email, $rememberDuration); $this->authenticateUserInternal($password, $email, null, $rememberDuration);
} }
/** /**
@@ -771,31 +771,70 @@ class Auth {
* Authenticates an existing user * Authenticates an existing user
* *
* @param string $password the user's password * @param string $password the user's password
* @param string $email the user's email address * @param string|null $email (optional) the user's email address
* @param string|null $username (optional) the user's username
* @param int|bool|null $rememberDuration (optional) the duration in seconds to keep the user logged in ("remember me"), e.g. `60 * 60 * 24 * 365.25` for one year * @param int|bool|null $rememberDuration (optional) the duration in seconds to keep the user logged in ("remember me"), e.g. `60 * 60 * 24 * 365.25` for one year
* @throws InvalidEmailException if the email address was invalid or could not be found * @throws InvalidEmailException if the email address was invalid or could not be found
* @throws UnknownUsernameException if an attempt has been made to authenticate with a non-existing username
* @throws AmbiguousUsernameException if an attempt has been made to authenticate with an ambiguous username
* @throws InvalidPasswordException if the password was invalid * @throws InvalidPasswordException if the password was invalid
* @throws EmailNotVerifiedException if the email address has not been verified yet via confirmation email * @throws EmailNotVerifiedException if the email address has not been verified yet via confirmation email
* @throws AuthError if an internal problem occurred (do *not* catch) * @throws AuthError if an internal problem occurred (do *not* catch)
*/ */
private function authenticateUserInternal($password, $email, $rememberDuration = null) { private function authenticateUserInternal($password, $email = null, $username = null, $rememberDuration = null) {
$email = self::validateEmailAddress($email); if ($email !== null) {
$email = self::validateEmailAddress($email);
// attempt to look up the account information using the specified email address // attempt to look up the account information using the specified email address
try { try {
$userData = $this->getUserDataByEmailAddress( $userData = $this->getUserDataByEmailAddress(
$email, $email,
[ 'id', 'email', 'password', 'verified', 'username' ] [ 'id', 'email', 'password', 'verified', 'username' ]
); );
}
// if there is no user with the specified email address
catch (InvalidEmailException $e) {
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email);
// and re-throw the exception
throw new InvalidEmailException();
}
} }
// if there is no user with the specified email address elseif ($username !== null) {
catch (InvalidEmailException $e) { $username = trim($username);
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email);
// and re-throw the exception // attempt to look up the account information using the specified username
throw new InvalidEmailException(); try {
$userData = $this->getUserDataByUsername(
$username,
[ 'id', 'email', 'password', 'verified', 'username' ]
);
}
// if there is no user with the specified username
catch (UnknownUsernameException $e) {
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $username);
// and re-throw the exception
throw new UnknownUsernameException();
}
// if there are multiple users with the specified username
catch (AmbiguousUsernameException $e) {
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $username);
// and re-throw the exception
throw new AmbiguousUsernameException();
}
}
// if neither an email address nor a username has been provided
else {
// we can't do anything here because the method call has been invalid
throw new EmailOrUsernameRequiredError();
} }
$password = self::validatePassword($password); $password = self::validatePassword($password);
@@ -829,9 +868,16 @@ class Auth {
} }
} }
else { else {
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN); $this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email); if (isset($email)) {
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email);
}
elseif (isset($username)) {
$this->throttle(self::THROTTLE_ACTION_LOGIN, $username);
}
// we cannot authenticate the user due to the password being wrong
throw new InvalidPasswordException(); throw new InvalidPasswordException();
} }
} }
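Review bot: In the wrong-password branch of the last hunk, the per-identifier throttle is keyed by whichever value the caller submitted (`$email` or `$username`), so failed attempts against one account are counted in two separate buckets depending on the sign-in path. Both lookups already request the `email` column, so the branch could key on the account instead, e.g. `$this->throttle(self::THROTTLE_ACTION_LOGIN, $userData['email']);` in place of the `isset($email)` / `elseif (isset($username))` pair; this assumes `$userData` is indexed by column name, which is not visible here. The username is also only passed through `trim()` before it is used as a throttle key, so if `getUserDataByUsername` matches case-insensitively, case variants of one name would land in different buckets, and normalising the key is worth confirming. The enclosing `if`/`else` and the rest of `authenticateUserInternal` start outside this hunk.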