--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/core/modules/user/src/UserAuth.php	Wed Nov 29 16:09:58 2017 +0000
@@ -0,0 +1,66 @@
+<?php
+
+namespace Drupal\user;
+
+use Drupal\Core\Entity\EntityManagerInterface;
+use Drupal\Core\Password\PasswordInterface;
+
+/**
+ * Validates user authentication credentials.
+ */
+class UserAuth implements UserAuthInterface {
+
+  /**
+   * The entity manager.
+   *
+   * @var \Drupal\Core\Entity\EntityManagerInterface
+   */
+  protected $entityManager;
+
+  /**
+   * The password hashing service.
+   *
+   * @var \Drupal\Core\Password\PasswordInterface
+   */
+  protected $passwordChecker;
+
+  /**
+   * Constructs a UserAuth object.
+   *
+   * @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
+   *   The entity manager.
+   * @param \Drupal\Core\Password\PasswordInterface $password_checker
+   *   The password service.
+   */
+  public function __construct(EntityManagerInterface $entity_manager, PasswordInterface $password_checker) {
+    $this->entityManager = $entity_manager;
+    $this->passwordChecker = $password_checker;
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function authenticate($username, $password) {
+    $uid = FALSE;
+
+    if (!empty($username) && strlen($password) > 0) {
+      $account_search = $this->entityManager->getStorage('user')->loadByProperties(['name' => $username]);
+
+      if ($account = reset($account_search)) {
+        if ($this->passwordChecker->check($password, $account->getPassword())) {
+          // Successful authentication.
+          $uid = $account->id();
+
+          // Update user to new password scheme if needed.
+          if ($this->passwordChecker->needsRehash($account->getPassword())) {
+            $account->setPassword($password);
+            $account->save();
+          }
+        }
+      }
+    }
+
+    return $uid;
+  }
+
+}