You are here

Home » API reference » Drupal 5 » user.module

function user_authenticate in Drupal 5

Same name and namespace in other branches
  1. 4 modules/user.module \user_authenticate()
  2. 6 modules/user/user.module \user_authenticate()
  3. 7 modules/user/user.module \user_authenticate()
3 calls to user_authenticate()
blogapi_validate_user in modules/blogapi/blogapi.module
Ensure that the given user has permission to edit a blog.
user_login_validate in modules/user/user.module
user_register_submit in modules/user/user.module

File

modules/user/user.module, line 976
Enables the user registration and login system.

Code

function user_authenticate($name, $pass) {
  global $user;

  // Try to log in the user locally. Don't set $user unless successful.
  if ($account = user_load(array(
    'name' => $name,
    'pass' => $pass,
    'status' => 1,
  ))) {

    // Check if the e-mail is denied by an access rule.
    // Doing this check here saves us a user_load() in user_login_validate()
    // and introduces less code change for a security fix.
    if (drupal_is_denied('mail', $account->mail)) {
      form_set_error('name', t('The name %name is registered using a reserved e-mail address and therefore could not be logged in.', array(
        '%name' => $account->name,
      )));
      return;
    }
    else {
      $user = $account;
      return $user;
    }
  }

  // Strip name and server from ID:
  $fullname = $name;
  if ($server = strrchr($name, '@')) {
    $name = substr($name, 0, strlen($name) - strlen($server));
    $server = substr($server, 1);
  }

  // When possible, determine corresponding external auth source. Invoke
  // source, and log in user if successful:
  if ($result = user_get_authmaps($fullname)) {
    if (module_invoke(key($result), 'auth', $name, $pass, $server)) {
      $user = user_external_load($fullname);
      watchdog('user', t('External load by %user using module %module.', array(
        '%user' => $fullname,
        '%module' => key($result),
      )));
    }
  }
  else {
    foreach (module_implements('auth') as $module) {
      if (module_invoke($module, 'auth', $name, $pass, $server)) {
        $registered_user = user_load(array(
          'name' => $fullname,
        ));
        if (!$registered_user->uid) {

          // Register this new user.
          $userinfo = array(
            'name' => $fullname,
            'pass' => user_password(),
            'init' => $fullname,
            'status' => 1,
            'access' => time(),
          );
          $userinfo["authname_{$module}"] = $fullname;
          $user = user_save('', $userinfo);
          watchdog('user', t('New external user: %user using module %module.', array(
            '%user' => $fullname,
            '%module' => $module,
          )), WATCHDOG_NOTICE, l(t('edit'), 'user/' . $user->uid . '/edit'));
          break;
        }
      }
    }
  }
  return $user;
}