| static public fetchByCredentials ( $sUsername, $sClearPassword ) |
static function fetchByCredentials($sUsername, $sClearPassword)
{
# Algorithm:
# 1- find the user by username
# 2- hash the given password using the salt for this user
# 3- compare hashes
$oUser = self::getBaseRequester()->addClauseEquals("username", $sUsername)->addClauseEquals("enabled", 1)->execute()->first();
if (is_null($oUser)) {
return false;
}
if ($oUser->get("password") !== self::hashPassword($sClearPassword, $oUser->get("salt"))) {
return false;
}
return $oUser;
}