return false;
}
- // Do not try to authenticate non-existent accounts when user creation is disabled.
- if (!empty($CFG->authpreventaccountcreation)) {
- $failurereason = AUTH_LOGIN_NOUSER;
-
- // Trigger login failed event.
- $event = \core\event\user_login_failed::create(array('other' => array('username' => $username,
- 'reason' => $failurereason)));
- $event->trigger();
-
- error_log('[client '.getremoteaddr()."] $CFG->wwwroot Unknown user, can not create new accounts: $username ".
- $_SERVER['HTTP_USER_AGENT']);
- return false;
- }
-
// User does not exist.
$auths = $authsenabled;
$user = new stdClass();
$user = update_user_record_by_id($user->id);
}
} else {
- // Create account, we verified above that user creation is allowed.
- $user = create_user_record($username, $password, $auth);
+ // The user is authenticated but user creation may be disabled.
+ if (!empty($CFG->authpreventaccountcreation)) {
+ $failurereason = AUTH_LOGIN_UNAUTHORISED;
+
+ // Trigger login failed event.
+ $event = \core\event\user_login_failed::create(array('other' => array('username' => $username,
+ 'reason' => $failurereason)));
+ $event->trigger();
+
+ error_log('[client '.getremoteaddr()."] $CFG->wwwroot Unknown user, can not create new accounts: $username ".
+ $_SERVER['HTTP_USER_AGENT']);
+ return false;
+ } else {
+ $user = create_user_record($username, $password, $auth);
+ }
}
$authplugin->sync_roles($user);
