<?php
class SabreAuthenticationJsonBackend extends \Sabre\DAV\Auth\Backend\AbstractBasic {
	protected $userMgr;

	function __construct(UserManager $userMgr) {
		$this->userMgr = $userMgr;
	}

	protected function validateUserPass($username, $password) {
		$userAccount = $this->userMgr->get($username);
 
		if (!$userAccount) {
			return false;
		}

		if (!password_verify($password, $userAccount['password'])) {
			return false;
		}

		if (!$userAccount['active']) {
			return false;
		}

		return true;
	}

	function challenge(\Sabre\HTTP\RequestInterface $request, \Sabre\HTTP\ResponseInterface $response) {
		parent::challenge($request, $response);

		if ('XMLHttpRequest' === $request->getHeader('X-Requested-With')) {
			$response->removeHeader('WWW-Authenticate');
		}
	}
}