- if (!$record || !count($record)) {
- logger('authenticate: failed login attempt: ' . notags(trim($_POST['username'])) . ' from IP ' . $_SERVER['REMOTE_ADDR']);
- notice(t('Login failed.') . EOL);
- goaway(self::getApp()->get_baseurl());
- }
+ /**
+ * Attempts to authenticate using login/password
+ *
+ * @param string $username User name
+ * @param string $password Clear password
+ * @param bool $remember Whether to set the session remember flag
+ */
+ private static function passwordAuthentication($username, $password, $remember)
+ {
+ $record = null;
+
+ $addon_auth = [
+ 'username' => $username,
+ 'password' => $password,
+ 'authenticated' => 0,
+ 'user_record' => null
+ ];
+
+ /*
+ * An addon indicates successful login by setting 'authenticated' to non-zero value and returning a user record
+ * Addons should never set 'authenticated' except to indicate success - as hooks may be chained
+ * and later addons should not interfere with an earlier one that succeeded.
+ */
+ Addon::callHooks('authenticate', $addon_auth);
+
+ try {
+ if ($addon_auth['authenticated']) {
+ $record = $addon_auth['user_record'];