[TYPO3-dev] Authenticating BE User correctly

[Georg Ringer]

Am 15.02.2012 16:37, schrieb Georg Ringer:
> Hi,
> 
> this is for FE but should be same for BE when you change FE to BE ;)

/**
	* Check password of user with a given one
	*
	* @param array $userRecord
	* @param string $password
	* @return boolean
	*/
private function compareUserRecordWithPassword(array $userRecord,
$password) {
	t3lib_div::requireOnce(t3lib_extMgm::extPath('saltedpasswords',
'classes/salts/class.tx_saltedpasswords_salts_factory.php'));

	$this->objInstanceSaltedPW =
tx_saltedpasswords_salts_factory::getSaltingInstance($userRecord['password'],
'FE');
	if (!is_object($this->objInstanceSaltedPW)) {
		$isValid = md5($password) == $userRecord['password'];
		return $isValid;
		#throw new Exception ('No Password-Factory found');
	}
	$validPassword = $this->objInstanceSaltedPW->checkPassword($password,
$userRecord['password']);
	return $validPassword;
}