function index()
{
// GC old sessions
if ($this->method !== 'delete') {
$gc = new Application();
$gc->where('role', 'god')->where('created_on <', strtotime('-14 days'))->get();
$gc->delete_all();
}
if ($this->method == 'get') {
$auth = $this->authenticate();
if ($auth) {
$user_id = $auth[0];
$u = new User();
$u->get_by_id($user_id);
if ($u->exists()) {
$this->set_response_data(array('token' => $auth[1], 'user' => $u->to_array()));
} else {
$this->error('404', 'User not found.');
return;
}
} else {
$this->error('404', 'Session not found.');
return;
}
} else {
switch ($this->method) {
case 'post':
$u = new User();
if ($this->input->post('email') && $this->input->post('password')) {
$u->where('email', $this->input->post('email'))->limit(1)->get();
if ($u->exists() && $u->check_password($this->input->post('password'))) {
$u->create_session($this->session, $this->input->post('remember') === 'on');
} else {
$this->error('404', 'User not found.');
return;
}
} else {
$this->error('403', 'Required parameters "email" and/or "password" are not present.');
return;
}
$this->redirect("/sessions");
break;
case 'delete':
$auth = $this->authenticate();
if (!$auth) {
$this->error('401', 'Not authorized to perform this action.');
return;
}
$a = new Application();
$a->where('token', $auth[1])->get();
$a->delete();
$user_id = $auth[0];
$u = new User();
$u->get_by_id($user_id);
$u->remember_me = null;
$u->save();
$this->load->helper('cookie');
delete_cookie('remember_me');
$this->session->sess_destroy();
exit;
break;
}
}
}
