function UserAuth::authenticate

Same name and namespace in other branches
  1. 8.9.x core/modules/user/src/UserAuth.php \Drupal\user\UserAuth::authenticate()
  2. 10 core/modules/user/src/UserAuth.php \Drupal\user\UserAuth::authenticate()
  3. 11.x core/modules/user/src/UserAuth.php \Drupal\user\UserAuth::authenticate()

Validates user authentication credentials.

Parameters

string $username: The user name to authenticate.

string $password: A plain-text password, such as trimmed text from form values.

Return value

int|bool The user's uid on success, or FALSE on failure to authenticate.

Overrides UserAuthInterface::authenticate

File

core/modules/user/src/UserAuth.php, line 43

Class

UserAuth
Validates user authentication credentials.

Namespace

Drupal\user

Code

public function authenticate($username, $password) {
  $uid = FALSE;
  if (!empty($username) && strlen($password) > 0) {
    $account_search = $this->entityTypeManager
      ->getStorage('user')
      ->loadByProperties([
      'name' => $username,
    ]);
    if ($account = reset($account_search)) {
      if ($this->passwordChecker
        ->check($password, $account->getPassword())) {
        // Successful authentication.
        $uid = $account->id();
        // Update user to new password scheme if needed.
        if ($this->passwordChecker
          ->needsRehash($account->getPassword())) {
          $account->setPassword($password);
          $account->save();
        }
      }
    }
  }
  return $uid;
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.