Minor UserAuth Class Changes

1. class UserAuth implements BadNaming {
2.  
3.     const PASSWORD_ALGO = \PASSWORD_DEFAULT; // these should be somewhere more sensible
4.     const PASSWORD_OPTIONS = [];
5.  
6.     const AUTHENTICATE_SUCCESS = 0;
7.     const AUTHENTICATE_INVALID_USER = 1;
8.     const AUTHENTICATE_WRONG_PASSWORD = 2;
9.  
10.     public function authenticate($userID, $inputPassword) {
11.         if (!$this->userMapper->contactExists('email', $userID)) {
12.             return self::AUTHENTICATE_INVALID_USER;
13.         }
14.  
15.         $hashedPassword = $this->userMapper->getPasswordByID('email', $userID);
16.  
17.         if (!\password_verify($inputPassword, $hashedPassword)) {
18.             return self::AUTHENTICATE_WRONG_PASSWORD;
19.         }
20.  
21.         if (\password_needs_rehash($hashedPassword, self::PASSWORD_ALGO, self::PASSWORD_OPTIONS)) {
22.             $this->userMapper->updatePassword('email', $userID, $inputPassword);
23.         }
24.  
25.         return self::AUTHENTICATE_SUCCESS;
26.     }