Try to validate the user's login credentials locally.
$name: User name to authenticate.
$password: A plain-text password, such as trimmed text from form values.
The user's uid on success, or FALSE on failure to authenticate.
function user_authenticate($name, $password) {
$uid = FALSE;
if (!empty($name) && !empty($password)) {
$account = user_load_by_name($name);
if ($account) {
$password_hasher = drupal_container()
->get('password');
if ($password_hasher
->check($password, $account)) {
// Successful authentication.
$uid = $account->uid;
// Update user to new password scheme if needed.
if ($password_hasher
->userNeedsNewHash($account)) {
$account->pass = $password;
$account
->save();
}
}
}
}
return $uid;
}