*/
class UserAuthFilter extends BaseFilter implements Filterable {
// Exception constants
- const EXCEPTION_AUTH_DATA_INVALID = 0x0a0;
+ const EXCEPTION_AUTH_DATA_INVALID = 0x1b0;
/**
* The login method we shall choose
* @param $responseInstance An instance of a class with an Responseable interface
* @return void
* @throws UserAuthorizationException If the auth login was not found or if it was invalid
+ * @throws UserPasswordMismatchException If the supplied password hash does not match
*/
public function execute (Requestable $requestInstance, Responseable $responseInstance) {
// Then get an auth instance for checking and updating the auth cookies
// Stop here
throw new UserAuthorizationException($this, self::EXCEPTION_AUTH_DATA_INVALID);
+ } // END - if
+
+ // Now, try to get a user or guest instance
+ if ($authLogin == $this->getConfigInstance()->readConfig('guest_login_user')) {
+ // Guest login!
+ $userInstance = Guest::createGuestByUserName($authLogin);
+ } else {
+ // Regular user account
+ $userInstance = User::createUserByUserName($authLogin);
}
- // Destroy safely the auth instance
- unset($authInstance);
+ // Is the password correct?
+ if ($userInstance->getPasswordHash() !== $authHash) {
+ // Mismatching password
+ throw new UserPasswordMismatchException(array($this, $userInstance), User::EXCEPTION_USER_PASS_MISMATCH);
+ } // END - if
+
+ // Remember auth and user instances in registry
+ Registry::getRegistry()->addInstance('auth', $authInstance);
+ Registry::getRegistry()->addInstance('user', $userInstance);
}
}