mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-04 15:17:28 +02:00
Code Issues Releases Wiki Activity

Add support for sign in via username to 'authenticateUserInternal'

Browse Source
This commit is contained in:
Marco
2017-02-20 21:32:45 +01:00
parent 495a87d499
commit 690485ba6d
1 changed files with 64 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
src/Auth.php
View File

@@ -265,7 +265,7 @@ class Auth {
* @throws AuthError if an internal problem occurred (do *not* catch)
*/
public function login($email, $password, $rememberDuration = null) {
$this->authenticateUserInternal($password, $email, $rememberDuration);
$this->authenticateUserInternal($password, $email, null, $rememberDuration);
}
/**
@@ -771,14 +771,18 @@ class Auth {
* Authenticates an existing user
*
* @param string $password the user's password
* @param string $email the user's email address
* @param string|null $email (optional) the user's email address
* @param string|null $username (optional) the user's username
* @param int|bool|null $rememberDuration (optional) the duration in seconds to keep the user logged in ("remember me"), e.g. `60 * 60 * 24 * 365.25` for one year
* @throws InvalidEmailException if the email address was invalid or could not be found
* @throws UnknownUsernameException if an attempt has been made to authenticate with a non-existing username
* @throws AmbiguousUsernameException if an attempt has been made to authenticate with an ambiguous username
* @throws InvalidPasswordException if the password was invalid
* @throws EmailNotVerifiedException if the email address has not been verified yet via confirmation email
* @throws AuthError if an internal problem occurred (do *not* catch)
*/
private function authenticateUserInternal($password, $email, $rememberDuration = null) {
private function authenticateUserInternal($password, $email = null, $username = null, $rememberDuration = null) {
if ($email !== null) {
$email = self::validateEmailAddress($email);
// attempt to look up the account information using the specified email address
@@ -797,6 +801,41 @@ class Auth {
// and re-throw the exception
throw new InvalidEmailException();
}
}
elseif ($username !== null) {
$username = trim($username);
// attempt to look up the account information using the specified username
try {
$userData = $this->getUserDataByUsername(
$username,
[ 'id', 'email', 'password', 'verified', 'username' ]
);
}
// if there is no user with the specified username
catch (UnknownUsernameException $e) {
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $username);
// and re-throw the exception
throw new UnknownUsernameException();
}
// if there are multiple users with the specified username
catch (AmbiguousUsernameException $e) {
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN);
$this->throttle(self::THROTTLE_ACTION_LOGIN, $username);
// and re-throw the exception
throw new AmbiguousUsernameException();
}
}
// if neither an email address nor a username has been provided
else {
// we can't do anything here because the method call has been invalid
throw new EmailOrUsernameRequiredError();
}
$password = self::validatePassword($password);
@@ -829,9 +868,16 @@ class Auth {
}
}
else {
// throttle this operation
$this->throttle(self::THROTTLE_ACTION_LOGIN);
if (isset($email)) {
$this->throttle(self::THROTTLE_ACTION_LOGIN, $email);
}
elseif (isset($username)) {
$this->throttle(self::THROTTLE_ACTION_LOGIN, $username);
}
// we cannot authenticate the user due to the password being wrong
throw new InvalidPasswordException();
}
}