* @param $responseInstance An instance of a class with an Responseable interface
* @return void
* @throws UserAuthorizationException If the auth login was not found or if it was invalid
+ * @throws UserPasswordMismatchException If the supplied password hash does not match
*/
public function execute (Requestable $requestInstance, Responseable $responseInstance) {
// Then get an auth instance for checking and updating the auth cookies
// Stop here
throw new UserAuthorizationException($this, self::EXCEPTION_AUTH_DATA_INVALID);
- }
+ } // END - if
- // Destroy safely the auth instance
- unset($authInstance);
+ // Now, try to get a user instance
+ $userInstance = User::createUserByUserName($authLogin);
+
+ // Is the password correct?
+ if ($userInstance->getPasswordHash() !== $authHash) {
+ // Mismatching password
+ throw new UserPasswordMismatchException(array($this, $userInstance), User::EXCEPTION_USER_PASS_MISMATCH);
+ } // END - if
+
+ // Remember auth and user instances in registry
+ Registry::getRegistry()->addInstance('auth', $authInstance);
+ Registry::getRegistry()->addInstance('user', $userInstance);
}
}
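Review bot: The new password check `if ($userInstance->getPasswordHash() !== $authHash)` compares a stored secret with a client-supplied value using `!==`, which is not constant-time and can leak how much of the hash matched through response timing. Use `if (!hash_equals((string) $userInstance->getPasswordHash(), (string) $authHash)) {` instead; the casts are there because `hash_equals()` throws a `TypeError` on non-string arguments. `$authHash` appears to come from the auth cookies, so the stored password hash itself seems to act as the session credential, and anyone who can read the user table could replay it; a random per-session token verified server-side would avoid that, though this should be confirmed against the part of `execute()` outside the hunk. If `User::createUserByUserName($authLogin)` can throw for an unknown login, that exception is also missing from the `@throws` list.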