1 | <?php |
||
2 | |||
3 | namespace MrShan0\WordpressAuth\Auth; |
||
4 | |||
5 | use Illuminate\Auth\EloquentUserProvider; |
||
6 | use Illuminate\Support\Str; |
||
7 | use Illuminate\Contracts\Auth\Authenticatable as UserContract; |
||
8 | |||
9 | class EloquentWordpressUserProvider extends EloquentUserProvider |
||
10 | { |
||
11 | /** |
||
12 | * Retrieve a user by the given credentials. |
||
13 | * |
||
14 | * @param array $credentials |
||
15 | * @return \Illuminate\Contracts\Auth\Authenticatable|null |
||
16 | */ |
||
17 | public function retrieveByCredentials(array $credentials) |
||
18 | { |
||
19 | if (empty($credentials) || |
||
20 | (count($credentials) === 1 && |
||
21 | array_key_exists('password', $credentials))) { |
||
22 | return; |
||
23 | } |
||
24 | |||
25 | // First we will add each credential element to the query as a where clause. |
||
26 | // Then we can execute the query and, if we found a user, return it in a |
||
27 | // Eloquent User "model" that will be utilized by the Guard instances. |
||
28 | $query = $this->createModel()->newQuery(); |
||
29 | |||
30 | $credentials = $this->transformPayloadForWP($credentials); |
||
31 | $password_column = config('wordpress-auth.options.password_column', 'user_pass'); |
||
32 | foreach ($credentials as $key => $value) { |
||
33 | if (Str::contains($key, 'password') || $key == $password_column) { |
||
34 | continue; |
||
35 | } |
||
36 | |||
37 | $query->where($key, $value); |
||
38 | } |
||
39 | |||
40 | return $query->first(); |
||
0 ignored issues
–
show
Bug
Best Practice
introduced
by
Loading history...
|
|||
41 | } |
||
42 | |||
43 | /** |
||
44 | * Validate a user against the given credentials. |
||
45 | * |
||
46 | * @param \Illuminate\Contracts\Auth\Authenticatable $user |
||
47 | * @param array $credentials |
||
48 | * @return bool |
||
49 | */ |
||
50 | public function validateCredentials(UserContract $user, array $credentials) |
||
51 | { |
||
52 | $credentials = $this->transformPayloadForWP($credentials); |
||
53 | $plain = $credentials[config('wordpress-auth.options.password_column', 'user_pass')]; |
||
54 | |||
55 | return $this->hasher->check($plain, $user->getAuthPassword()); |
||
56 | } |
||
57 | |||
58 | private function transformPayloadForWP(array $credentials) |
||
59 | { |
||
60 | // Get password column name |
||
61 | $password_column = config('wordpress-auth.options.password_column', 'user_pass'); |
||
62 | $email_column = config('wordpress-auth.options.email_column', 'user_email'); |
||
63 | |||
64 | // This is required when used laravel auth scaffolding since wp follows |
||
65 | // `user_email` and laravel follows `email` only |
||
66 | // Same goes for `password` as `user_pass` by wordpress |
||
67 | if ( |
||
68 | config('wordpress-auth.options.force_wp_email', false) && |
||
69 | array_key_exists('email', $credentials) |
||
70 | ) { |
||
71 | $credentials[$email_column] = $credentials['email']; |
||
72 | unset($credentials['email']); |
||
73 | } |
||
74 | |||
75 | if ( |
||
76 | config('wordpress-auth.options.force_wp_password', false) && |
||
77 | array_key_exists('password', $credentials) |
||
78 | ) { |
||
79 | $credentials[$password_column] = $credentials['password']; |
||
80 | unset($credentials['password']); |
||
81 | } |
||
82 | |||
83 | return $credentials; |
||
84 | } |
||
85 | } |
||
86 |