CAllControllerMember::CheckUserAuth

static function CheckUserAuth($member_id, $login, $password)
{
	/** @global CMain $APPLICATION */
	global $APPLICATION;

	$arMember = CControllerMember::GetMember($member_id);
	if(!$arMember)
		return false;

	// send query to the client in order to check authorization
	$arParameters = array("login"=>$login, "password"=>$password);
	$oRequest = new CControllerServerRequestTo($arMember, 'check_auth', $arParameters);
	$oResponse = $oRequest->Send();
	if($oResponse === false)
		return false;

	if($oResponse->OK() === false)
	{
		$e = new CApplicationException($oResponse->text);
		$APPLICATION->ThrowException($e);
		return false;
	}
	elseif(COption::GetOptionString("controller", "auth_trans_enabled", "N") === "Y")
	{
		$current_groups = $oResponse->arParameters['USER_INFO']["GROUP_ID"];
		$arRemGroups = BitrixControllerGroupMapTable::getMapping("LOCAL_GROUP_CODE", "REMOTE_GROUP_CODE");
	}
	elseif(COption::GetOptionString("controller", "auth_controller_enabled", "N") === "Y")
	{
		$current_groups = $oResponse->arParameters['USER_INFO']["GROUP_ID"];
		$arRemGroups = BitrixControllerGroupMapTable::getMapping("LOCAL_GROUP_CODE", "CONTROLLER_GROUP_ID");
	}
	else
	{
		return false;
	}

	$GROUP_ID = array();
	$GROUPS_TO_ADD = array();
	$GROUPS_TO_DELETE = array();
	foreach($arRemGroups as $arTGroup)
	{
		$bFound = false;
		foreach($current_groups as $group_id)
		{
			if($arTGroup["FROM"] == $group_id)
			{
				$GROUP_ID[] = $arTGroup["TO"];
				$GROUPS_TO_ADD[] = $arTGroup["TO"];
				$bFound = true;
			}
		}

		if(!$bFound)
			$GROUPS_TO_DELETE[] = $arTGroup["TO"];
	}

	$oResponse->arParameters['USER_INFO']['GROUP_ID'] = $GROUP_ID;
	$oResponse->arParameters['USER_INFO']['GROUPS_TO_ADD'] = $GROUPS_TO_ADD;
	$oResponse->arParameters['USER_INFO']['GROUPS_TO_DELETE'] = $GROUPS_TO_DELETE;

	// return to the client
	return $oResponse->arParameters;
}