user = $user; $this->hashedPassword = $hashedPassword; $this->formTemplate = $formTemplate ?? __DIR__ . '/../templates/single_user_password_authentication_form.html.php'; $this->csrfKey = $csrfKey ?? \Taproot\IndieAuth\Server::DEFAULT_CSRF_KEY; } public function __invoke(ServerRequestInterface $request, string $formAction) { // If the request is a form submission with a matching password, return the corresponding // user data. if ($request->getMethod() == 'POST' && password_verify($request->getParsedBody()[self::PASSWORD_FORM_PARAMETER] ?? '', $this->hashedPassword)) { return $this->user; } // Otherwise, return a response containing the password form. return new Response(200, ['content-type' => 'text/html'], renderTemplate($this->formTemplate, [ 'formAction' => $formAction, 'request' => $request, 'csrfFormElement' => '' ])); } }