In my controller:
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['authenticator'] = [
'class' => HttpBasicAuth::className(),
'auth' => [$this, 'auth']
];
return $behaviors;
}
public function auth($email, $pass) {
return User::findOne([
'email' => $email,
'password' => $pass,
]);
}
This works fine if I use in postman login and password hashed, but how I can authenticate with password in plain text and transfrom it in hashed password?
I tried this, but it doesn’t work
public function auth($email, $pass) {
// username, password are mandatory fields
if(empty($email) || empty($pass))
return null;
// get user using requested email
$user = User::findOne([
'email' => $email,
]);
// if no record matching the requested user
if(empty($user))
return null;
// hashed password from user record
$pwd = $user->password;
// validate password
$isPass = User::validatePassword($pass, $pwd);
// if password validation fails
if(!$isPass)
return null;
// if user validates (both user_email, user_password are valid)
return $user;
}