|
|
@@ -87,9 +87,6 @@ class Auth {
|
|
|
*/
|
|
|
protected static function recall($recaller)
|
|
|
{
|
|
|
- // When the remember me cookie is stored, it is encrypted and contains
|
|
|
- // the user's ID and a long, random string. The segments are separated
|
|
|
- // by a pipe character so we'll explode on that.
|
|
|
$recaller = explode('|', Crypter::decrypt($recaller));
|
|
|
|
|
|
// We'll pass the ID that was stored in the cookie into the same user
|
|
|
@@ -127,11 +124,8 @@ class Auth {
|
|
|
|
|
|
// When attempting to login the user, we will call the "attempt" closure
|
|
|
// from the configuration file. This gives the developer the freedom to
|
|
|
- // authenticate based on the needs of their application.
|
|
|
- //
|
|
|
- // All of the password hashing and checking and left totally up to the
|
|
|
- // developer, as this gives them the freedom to use any hashing scheme
|
|
|
- // or authentication provider they wish.
|
|
|
+ // authenticate based on the needs of their application, even allowing
|
|
|
+ // the user of third-party providers.
|
|
|
$user = call_user_func($config['attempt'], $username, $password);
|
|
|
|
|
|
if (is_null($user)) return false;
|
Taylor Otwell