Try to validate the user's login credentials locally.
$name: User name to authenticate.
$password: A plain-text password, such as trimmed text from form values.
The user's uid on success, or FALSE on failure to authenticate.
function user_authenticate($name, $password) {
$uid = FALSE;
if (!empty($name) && strlen(trim($password)) > 0) {
$account = user_load_by_name($name);
if ($account) {
// Allow alternate password hashing schemes.
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
if (user_check_password($password, $account)) {
// Successful authentication.
$uid = $account->uid;
// Update user to new password scheme if needed.
if (user_needs_new_hash($account)) {
user_save($account, array(
'pass' => $password,
));
}
}
}
}
return $uid;
}