function _user_resource_login in Services 7.3
Same name and namespace in other branches
- 6.3 resources/user_resource.inc \_user_resource_login()
Login a user using the specified credentials.
Note this will transfer a plaintext password.
Parameters
$username: Username to be logged in.
$password: Password, must be plain text and not hashed.
Return value
A valid session object.
1 string reference to '_user_resource_login'
- _user_resource_definition in resources/
user_resource.inc
File
- resources/
user_resource.inc, line 599
Code
function _user_resource_login($username, $password) {
global $user;
if ($user->uid) {
// user is already logged in
return services_error(t('Already logged in as @user.', array(
'@user' => $user->name,
)), 406);
}
// Check if account is active.
if (user_is_blocked($username)) {
return services_error(t('The username %name has not been activated or is blocked.', array(
'%name' => $username,
)), 403);
}
// Emulate drupal native flood control: check for flood condition.
$flood_state = array();
if (variable_get('services_flood_control_enabled', TRUE)) {
$flood_state = _user_resource_flood_control_precheck($username);
}
// Only authenticate if a flood condition was not detected.
if (empty($flood_state['flood_control_triggered'])) {
$uid = user_authenticate($username, $password);
}
else {
$uid = FALSE;
}
// Emulate drupal native flood control: register flood event, and throw error
// if a flood condition was previously detected
if (variable_get('services_flood_control_enabled', TRUE)) {
$flood_state['uid'] = $uid;
_user_resource_flood_control_postcheck($flood_state);
}
if ($uid) {
$user = user_load($uid);
if ($user->uid) {
user_login_finalize();
$return = new stdClass();
$return->sessid = session_id();
$return->session_name = session_name();
$return->token = drupal_get_token('services');
$account = clone $user;
services_remove_user_data($account);
$return->user = $account;
return $return;
}
}
watchdog('user', 'Invalid login attempt for %username.', array(
'%username' => $username,
));
return services_error(t('Wrong username or password.'), 401);
}