protected function authenticateAndRedirect($login, $password, $rememberMe, $urlToRedirect = false, $passwordHashed = false)
{
Nonce::discardNonce('Login.login');
$this->auth->setLogin($login);
if ($passwordHashed === false) {
$this->auth->setPassword($password);
} else {
$this->auth->setPasswordHash($password);
}
$this->sessionInitializer->initSession($this->auth, $rememberMe);
// remove password reset entry if it exists
$this->passwordResetter->removePasswordResetInfo($login);
if (empty($urlToRedirect)) {
$urlToRedirect = Url::getCurrentUrlWithoutQueryString();
}
Url::redirectToUrl($urlToRedirect);
}