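/**
 * Resolve the current request token to an authenticated user (and, when the
 * 'application' option is on, an application), populating $this->user,
 * $this->application, $this->session, $this->session_entry and $this->status.
 *
 * Two paths are taken depending on whether the session pool already holds a
 * session for this token:
 *  - Cold path (token not in pool): the token is looked up with
 *    retrieveSessionEntry(); expiry, user existence and (optionally) the
 *    application binding are verified against the store and the session is
 *    marked for (re)write via updateSession().
 *  - Warm path (token in pool): the user/application are rebuilt from the
 *    '_auth' payload cached in the session. The store is consulted again only
 *    when that payload is older than options['update_gap'] seconds, or when it
 *    is incomplete (see below). Otherwise isDisabled()/getBannedTill() are
 *    evaluated on the cached copy, so a disable or ban may take up to
 *    'update_gap' seconds to be enforced for an already-cached session.
 *
 * Every AuthException raised inside is caught and turned into
 * $this->reset(<status>); nothing is rethrown, so callers inspect
 * $this->status rather than catching.
 *
 * Change vs. previous revision: a warm-path payload that lacks 'model' (or,
 * with 'acl' on, 'permissions' / 'role_ids') now forces a fresh lookup instead
 * of emitting undefined-index warnings and hydrating a user with null
 * permissions. Complete payloads behave exactly as before.
 *
 * NOTE(review): the session entry's expired_at is only checked on the cold
 * path. On the warm path a token whose entry has since expired or been deleted
 * keeps authenticating for as long as the pool retains the session; confirm
 * the pool applies its own TTL / is purged on logout, or re-validate the entry
 * in the refresh branch.
 * NOTE(review): session_pool->get() is called before session_pool->has(); this
 * assumes get() does not register the token in the pool (otherwise has() would
 * always be true and the cold path unreachable). Confirm against the pool
 * implementation.
 */
public function authenticate()
{
    $update_session = false;
    try {
        if ($this->token === null) {
            throw new AuthException(self::STATUS_NO_TOKEN);
        }

        $user = null;
        $application = null;
        $session = $this->session_pool->get($this->token);

        if (!$this->session_pool->has($this->token)) {
            // ---- Cold path: validate the token against the backing store. ----
            $_session_entry = $this->retrieveSessionEntry($this->token);
            if (!$_session_entry) {
                throw new AuthException(self::STATUS_INVALID_TOKEN);
            }
            // DateTime::diff()->invert is 0 when "now" is not earlier than
            // expired_at, i.e. the token's lifetime has elapsed.
            if ($_session_entry->getExpiredAt() !== null
                && $_session_entry->getExpiredAt()->diff(new \DateTime())->invert === 0) {
                throw new AuthException(self::STATUS_EXPIRED_TOKEN);
            }
            $user = $this->retrieveUser($_session_entry->getModelId());
            if (!$user) {
                throw new AuthException(self::STATUS_INVALID_USER);
            }
            if ($this->options['application']) {
                // A token must be bound to an application when the feature is on.
                if ($_session_entry->getApplicationId() === null) {
                    throw new AuthException(self::STATUS_NO_APPLICATION);
                }
                $application = $_session_entry->getApplication();
            }
            $this->session_entry = $_session_entry;
            $update_session = true;
        } else {
            // ---- Warm path: rebuild from the '_auth' payload cached in the session. ----
            $auth_data = $session->get('_auth', []);
            $_user = isset($auth_data['_user']) ? $auth_data['_user'] : [];

            if (!isset($_user['data']) || !isset($_user['data']['id'])) {
                // A session exists for this token but carries no user: treat as anonymous.
                // NOTE(review): $this->session is not assigned on this path; confirm
                // reset()/callers do not rely on it being set for anonymous visitors.
                $this->status = self::STATUS_ANONYMOUS;
                $this->token_handler->setToken($this->token);
                return;
            }

            $_application = [];
            if ($this->options['application']) {
                $_application = isset($auth_data['_application']) ? $auth_data['_application'] : [];
                if (!isset($_application['data']) || !isset($_application['data']['id'])) {
                    throw new AuthException(self::STATUS_NO_APPLICATION);
                }
            }

            // A missing '_updated_at' (0) always counts as stale and forces a refresh.
            $_updated_at = isset($auth_data['_updated_at']) ? $auth_data['_updated_at'] : 0;
            $is_stale = (time() - $_updated_at) >= $this->options['update_gap'];

            // Fail safe: a payload lacking the fields the rebuild branch reads
            // (e.g. written by an older revision, or tampered) is refreshed from
            // the store rather than hydrated with nulls. isset() also treats a
            // null value as missing, which likewise just costs one refresh.
            $is_complete = isset($_user['model'])
                && (!$this->options['acl']
                    || (isset($_user['permissions']) && isset($_user['role_ids'])));

            if ($is_stale || !$is_complete) {
                // Refresh user (and application) from the store; the session
                // payload is rewritten below via updateSession().
                $user = $this->retrieveUser($_user['data']['id']);
                if (!$user) {
                    throw new AuthException(self::STATUS_INVALID_USER);
                }
                if ($this->options['application']) {
                    $application = $this->retrieveApplication($_application['data']['id']);
                    if (!$application) {
                        throw new AuthException(self::STATUS_INVALID_APPLICATION);
                    }
                }
                $update_session = true;
            } else {
                // Rebuild from the cached copy without touching the store.
                // The class name stored in the payload must match the configured
                // model; this prevents a stale/foreign payload from instantiating
                // a different class.
                if ($_user['model'] !== $this->options['model']) {
                    throw new AuthException(self::STATUS_INVALID_USER);
                }
                $user = new $this->options['model']();
                $user->fromArray($_user['data'], TableMap::TYPE_FIELDNAME);
                $user->setNew(false);
                if ($this->options['acl']) {
                    $user->setPermissions($_user['permissions']);
                    $user->setRoleIds($_user['role_ids']);
                }
                if ($this->options['application']) {
                    $application = new Application();
                    $application->fromArray($_application['data'], TableMap::TYPE_FIELDNAME);
                    $application->setNew(false);
                }
            }
        }

        // Account-state checks apply to both paths. On the warm path without a
        // refresh these read the cached copy and may lag the store by up to
        // options['update_gap'] seconds.
        if ($user->isDisabled()) {
            throw new AuthException(self::STATUS_ACCOUNT_DISABLED);
        }
        // invert === 0: "now" is not earlier than banned_till, so the ban is still active.
        if ($user->getBannedTill() !== null
            && $user->getBannedTill()->diff(new \DateTime())->invert === 0) {
            throw new AuthException(self::STATUS_ACCOUNT_BANNED);
        }

        $this->user = $user;
        $this->user->setLogged(true);
        $this->application = $application;
        $this->session = $session;
        $this->status = self::STATUS_AUTHENTICATED;
        $this->token_handler->setToken($this->token);

        if ($update_session) {
            $this->updateSession();
        }
    } catch (AuthException $e) {
        // The status constant travels in the exception message; reset() records it.
        $this->reset($e->getMessage());
    }
}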