Merge pull request #10275 from very-ape/authenticate-hook

Move the 'authenticate' hook deeper into the authentication flow so t…
2025-04-25 21:50:12 +00:00 · 2021-05-19 16:51:15 -04:00 · 2021-05-19 16:51:15 -04:00 · 09cf32926d
commit 09cf32926d
parent 00f1c33980 9ddaabc22d
3 changed files with 51 additions and 34 deletions
--- a/src/Security/Authentication.php
+++ b/src/Security/Authentication.php
@ -240,34 +240,12 @@ class Authentication
 	{
 		$record = null;

-		$addon_auth = [
-			'username'      => $username,
-			'password'      => $password,
-			'authenticated' => 0,
-			'user_record'   => null
-		];
-
-		/*
-		 * An addon indicates successful login by setting 'authenticated' to non-zero value and returning a user record
-		 * Addons should never set 'authenticated' except to indicate success - as hooks may be chained
-		 * and later addons should not interfere with an earlier one that succeeded.
-		 */
-		Hook::callAll('authenticate', $addon_auth);
-
 		try {
-			if ($addon_auth['authenticated']) {
-				$record = $addon_auth['user_record'];
-
-				if (empty($record)) {
-					throw new Exception($this->l10n->t('Login failed.'));
-				}
-			} else {
-				$record = $this->dba->selectFirst(
-					'user',
-					[],
-					['uid' => User::getIdFromPasswordAuthentication($username, $password)]
-				);
-			}
+			$record = $this->dba->selectFirst(
+				'user',
+				[],
+				['uid' => User::getIdFromPasswordAuthentication($username, $password)]
+			);
 		} catch (Exception $e) {
 			$this->logger->warning('authenticate: failed login attempt', ['action' => 'login', 'username' => Strings::escapeTags($username), 'ip' => $_SERVER['REMOTE_ADDR']]);
 			notice($this->l10n->t('Login failed. Please check your credentials.'));