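 /**
  * Resolve $this->token to an authenticated user (and, when the 'application'
  * option is set, an application), populating $this->user, $this->application,
  * $this->session and $this->status.
  *
  * Two paths, selected by whether the session pool already knows the token:
  *  - cold: the session entry is looked up (retrieveSessionEntry), its expiry is
  *    enforced, and the user is loaded fresh from storage;
  *  - warm: user/application data cached under '_auth' in the session is used.
  *    It is re-validated against storage only when it is older than
  *    options['update_gap'] seconds; inside that window the cached copy is
  *    trusted as-is (so a disable/ban applied in storage can lag by up to
  *    update_gap before the warm path sees it through retrieveUser()).
  *
  * Every failure is signalled as an AuthException whose message is the status
  * constant; the catch block hands that status to reset(). Nothing is thrown
  * to the caller.
  *
  * @return void
  */
 public function authenticate()
 {
     $update_session = false;
     try {
         if ($this->token === null) {
             throw new AuthException(self::STATUS_NO_TOKEN);
         }
         $user = null;
         $application = null;
         // NOTE(review): get() is called before has(); whether get() materialises a
         // new pool entry for an unknown token depends on the pool implementation.
         $session = $this->session_pool->get($this->token);
         if (!$this->session_pool->has($this->token)) {
             $_session_entry = $this->retrieveSessionEntry($this->token);
             if (!$_session_entry) {
                 throw new AuthException(self::STATUS_INVALID_TOKEN);
             }
             // expiredAt->diff(now) is non-negative (invert == 0) exactly when
             // now >= expiredAt, i.e. the entry has expired.
             if ($_session_entry->getExpiredAt() !== null && $_session_entry->getExpiredAt()->diff(new \DateTime())->invert == 0) {
                 throw new AuthException(self::STATUS_EXPIRED_TOKEN);
             }
             $user = $this->retrieveUser($_session_entry->getModelId());
             if (!$user) {
                 throw new AuthException(self::STATUS_INVALID_USER);
             }
             if ($this->options['application']) {
                 if ($_session_entry->getApplicationId() === null) {
                     throw new AuthException(self::STATUS_NO_APPLICATION);
                 } else {
                     $application = $_session_entry->getApplication();
                 }
             }
             $this->session_entry = $_session_entry;
             $update_session = true;
         } else {
             $auth_data = $session->get('_auth', []);
             $_user = isset($auth_data['_user']) ? $auth_data['_user'] : [];
             if (!isset($_user['data']) || !isset($_user['data']['id'])) {
                 // This is anonymous user, but has some data in session.
                 // NOTE(review): this early return leaves $this->session unset on the
                 // anonymous path, unlike the authenticated path below — confirm intended.
                 $this->status = self::STATUS_ANONYMOUS;
                 $this->token_handler->setToken($this->token);
                 return;
             } else {
                 if ($this->options['application']) {
                     $_application = isset($auth_data['_application']) ? $auth_data['_application'] : [];
                     if (!isset($_application['data']) || !isset($_application['data']['id'])) {
                         throw new AuthException(self::STATUS_NO_APPLICATION);
                     }
                 }
                 $_updated_at = isset($auth_data['_updated_at']) ? $auth_data['_updated_at'] : 0;
                 if (time() - $_updated_at >= $this->options['update_gap']) {
                     // Cached copy is stale: reload from storage so revocations are picked up.
                     $user = $this->retrieveUser($_user['data']['id']);
                     if (!$user) {
                         throw new AuthException(self::STATUS_INVALID_USER);
                     }
                     if ($this->options['application']) {
                         $application = $this->retrieveApplication($_application['data']['id']);
                         if (!$application) {
                             throw new AuthException(self::STATUS_INVALID_APPLICATION);
                         }
                     }
                     $update_session = true;
                 } else {
                     // Fresh enough: rebuild the model from the session snapshot without
                     // hitting storage. Refuse a snapshot written for a different model class.
                     if ($_user['model'] !== $this->options['model']) {
                         throw new AuthException(self::STATUS_INVALID_USER);
                     }
                     $user = new $this->options['model']();
                     $user->fromArray($_user['data'], TableMap::TYPE_FIELDNAME);
                     $user->setNew(false);
                     if ($this->options['acl']) {
                         $user->setPermissions($_user['permissions']);
                         $user->setRoleIds($_user['role_ids']);
                     }
                     if ($this->options['application']) {
                         $application = new Application();
                         $application->fromArray($_application['data'], TableMap::TYPE_FIELDNAME);
                         $application->setNew(false);
                     }
                 }
             }
         }
         if ($user->isDisabled()) {
             throw new AuthException(self::STATUS_ACCOUNT_DISABLED);
         }
         // A ban is in force while bannedTill lies in the future. The previous
         // `bannedTill->diff(now)->invert == 0` test is true when now >= bannedTill,
         // i.e. it rejected users whose ban had already ended and let users whose
         // ban was still running through; compare the instants directly instead.
         if ($user->getBannedTill() !== null && $user->getBannedTill() > new \DateTime()) {
             throw new AuthException(self::STATUS_ACCOUNT_BANNED);
         }
         $this->user = $user;
         $this->user->setLogged(true);
         $this->application = $application;
         $this->session = $session;
         $this->status = self::STATUS_AUTHENTICATED;
         $this->token_handler->setToken($this->token);
         if ($update_session) {
             $this->updateSession();
         }
     } catch (AuthException $e) {
         // Status constants travel as the exception message; reset() records them.
         $this->reset($e->getMessage());
     }
 }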