protected function _findUser($username, $password = null)
{
$userModel = $this->_config['userModel'];
list($plugin, $model) = pluginSplit($userModel);
$fields = $this->_config['fields'];
$conditions = [$model . '.' . $fields['username'] => $username];
$columns = [];
foreach ($this->_config['columns'] as $column) {
$columns[] = [$model . '.' . $column => $username];
}
$conditions = ['OR' => $columns];
if (!empty($this->_config['scope'])) {
$conditions = array_merge($conditions, $this->_config['scope']);
}
$table = TableRegistry::get($userModel)->find('all');
if ($this->_config['contain']) {
$table = $table->contain($this->_config['contain']);
}
$result = $table->where($conditions)->hydrate(false)->first();
if (empty($result)) {
return false;
}
if ($password !== null) {
$hasher = $this->passwordHasher();
$hashedPassword = $result[$fields['password']];
if (!$hasher->check($password, $hashedPassword)) {
return false;
}
$this->_needsPasswordRehash = $hasher->needsRehash($hashedPassword);
unset($result[$fields['password']]);
}
return $result;
}