function UserAuth::authenticate

Same name and namespace in other branches
  1. 9 core/modules/user/src/UserAuth.php \Drupal\user\UserAuth::authenticate()
  2. 8.9.x core/modules/user/src/UserAuth.php \Drupal\user\UserAuth::authenticate()
  3. 11.x core/modules/user/src/UserAuth.php \Drupal\user\UserAuth::authenticate()

Validates user authentication credentials.

Parameters

string $username: The user name to authenticate.

string $password: A plain-text password, such as trimmed text from form values.

Return value

int|bool The user's uid on success, or FALSE on failure to authenticate.

Overrides UserAuthInterface::authenticate

File

core/modules/user/src/UserAuth.php, line 44

Class

UserAuth
Validates user authentication credentials.

Namespace

Drupal\user

Code

public function authenticate($username, #[\SensitiveParameter] $password) {
  @trigger_error(__METHOD__ . ' is deprecated in drupal:10.3.0 and will be removed from drupal:12.0.0. Implement \\Drupal\\user\\UserAuthenticationInterface instead. See https://www.drupal.org/node/3411040');
  $uid = FALSE;
  if (!empty($username) && strlen($password) > 0) {
    $account_search = $this->entityTypeManager
      ->getStorage('user')
      ->loadByProperties([
      'name' => $username,
    ]);
    if ($account = reset($account_search)) {
      if ($this->passwordChecker
        ->check($password, $account->getPassword())) {
        // Successful authentication.
        $uid = $account->id();
        // Update user to new password scheme if needed.
        if ($this->passwordChecker
          ->needsRehash($account->getPassword())) {
          $account->setPassword($password);
          $account->save();
        }
      }
    }
  }
  return $uid;
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.