Contao\User::login PHP Méthode

    public function login()
    {
        \System::loadLanguageFile('default');
        // Do not continue if username or password are missing
        if (empty($_POST['username']) || empty($_POST['password'])) {
            return false;
        }
        // Load the user object
        if ($this->findBy('username', \Input::post('username', true)) == false) {
            $blnLoaded = false;
            // HOOK: pass credentials to callback functions
            if (isset($GLOBALS['TL_HOOKS']['importUser']) && is_array($GLOBALS['TL_HOOKS']['importUser'])) {
                foreach ($GLOBALS['TL_HOOKS']['importUser'] as $callback) {
                    $this->import($callback[0], 'objImport', true);
                    $blnLoaded = $this->objImport->{$callback[1]}(\Input::post('username', true), \Input::postUnsafeRaw('password'), $this->strTable);
                    // Load successfull
                    if ($blnLoaded === true) {
                        break;
                    }
                }
            }
            // Return if the user still cannot be loaded
            if (!$blnLoaded || $this->findBy('username', \Input::post('username', true)) == false) {
                \Message::addError($GLOBALS['TL_LANG']['ERR']['invalidLogin']);
                $this->log('Could not find user "' . \Input::post('username', true) . '"', __METHOD__, TL_ACCESS);
                return false;
            }
        }
        $time = time();
        // Set the user language
        if (\Input::post('language')) {
            $this->language = \Input::post('language');
        }
        // Lock the account if there are too many login attempts
        if ($this->loginCount < 1) {
            $this->locked = $time;
            $this->loginCount = \Config::get('loginCount');
            $this->save();
            // Add a log entry and the error message, because checkAccountStatus() will not be called (see #4444)
            $this->log('User "' . $this->username . '" has been locked for ' . ceil(\Config::get('lockPeriod') / 60) . ' minutes', __METHOD__, TL_ACCESS);
            \Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['accountLocked'], ceil(($this->locked + \Config::get('lockPeriod') - $time) / 60)));
            // Send admin notification
            if (\Config::get('adminEmail') != '') {
                $objEmail = new \Email();
                $objEmail->subject = $GLOBALS['TL_LANG']['MSC']['lockedAccount'][0];
                $objEmail->text = sprintf($GLOBALS['TL_LANG']['MSC']['lockedAccount'][1], $this->username, TL_MODE == 'FE' ? $this->firstname . " " . $this->lastname : $this->name, \Idna::decode(\Environment::get('base')), ceil(\Config::get('lockPeriod') / 60));
                $objEmail->sendTo(\Config::get('adminEmail'));
            }
            return false;
        }
        // Check the account status
        if ($this->checkAccountStatus() == false) {
            return false;
        }
        // The password has been generated with crypt()
        if (\Encryption::test($this->password)) {
            $blnAuthenticated = \Encryption::verify(\Input::postUnsafeRaw('password'), $this->password);
        } else {
            list($strPassword, $strSalt) = explode(':', $this->password);
            $blnAuthenticated = $strSalt == '' ? $strPassword === sha1(\Input::postUnsafeRaw('password')) : $strPassword === sha1($strSalt . \Input::postUnsafeRaw('password'));
            // Store a SHA-512 encrpyted version of the password
            if ($blnAuthenticated) {
                $this->password = \Encryption::hash(\Input::postUnsafeRaw('password'));
            }
        }
        // HOOK: pass credentials to callback functions
        if (!$blnAuthenticated && isset($GLOBALS['TL_HOOKS']['checkCredentials']) && is_array($GLOBALS['TL_HOOKS']['checkCredentials'])) {
            foreach ($GLOBALS['TL_HOOKS']['checkCredentials'] as $callback) {
                $this->import($callback[0], 'objAuth', true);
                $blnAuthenticated = $this->objAuth->{$callback[1]}(\Input::post('username', true), \Input::postUnsafeRaw('password'), $this);
                // Authentication successfull
                if ($blnAuthenticated === true) {
                    break;
                }
            }
        }
        // Redirect if the user could not be authenticated
        if (!$blnAuthenticated) {
            --$this->loginCount;
            $this->save();
            \Message::addError($GLOBALS['TL_LANG']['ERR']['invalidLogin']);
            $this->log('Invalid password submitted for username "' . $this->username . '"', __METHOD__, TL_ACCESS);
            return false;
        }
        $this->setUserFromDb();
        // Update the record
        $this->lastLogin = $this->currentLogin;
        $this->currentLogin = $time;
        $this->loginCount = \Config::get('loginCount');
        $this->save();
        // Generate the session
        $this->regenerateSessionId();
        $this->generateSession();
        $this->log('User "' . $this->username . '" has logged in', __METHOD__, TL_ACCESS);
        // HOOK: post login callback
        if (isset($GLOBALS['TL_HOOKS']['postLogin']) && is_array($GLOBALS['TL_HOOKS']['postLogin'])) {
            foreach ($GLOBALS['TL_HOOKS']['postLogin'] as $callback) {
                $this->import($callback[0], 'objLogin', true);
                $this->objLogin->{$callback[1]}($this);
            }
        }
        return true;
    }