function testUserRetrievedFromDb()
 {
     $u = new User(['user_id' => 101, 'DB' => $this->DB]);
     $this->assertNull($u->username);
     $u->refreshFromDb();
     $this->assertEqual($u->username, Auth_Base::$TEST_USERNAME);
 }
    //			}
    //		}
} else {
    // SECTION: authenticated
    if ($_SESSION['fingerprint'] != $FINGERPRINT) {
        // TODO: add logging?
        util_redirectToAppHomeWithPrejudice();
    }
    if (isset($_REQUEST['submit_signout'])) {
        // SECTION: wants to log out
        util_wipeSession();
        util_redirectToAppHome();
        // NOTE: the above is the same as util_redirectToAppHomeWithPrejudice, but this code is easier to follow/read when the two parts are shown here
    }
}
$IS_AUTHENTICATED = util_checkAuthentication();
if ($IS_AUTHENTICATED) {
    // SECTION: is signed in
    // now create user object
    $USER = new User(['username' => $_SESSION['userdata']['username'], 'DB' => $DB]);
    //echo "<pre>"; print_r($USER); echo "</pre>";
    // now check if user data differs from session data, and if so, update the users db record (this might be a part of the User construct method)
    $USER->refreshFromDb();
    //echo "<pre>"; print_r($USER); echo "</pre>";
    //print_r($_SESSION['userdata']);
    $USER->updateDbFromAuth($_SESSION['userdata']);
    //echo "<pre>"; print_r($USER); echo "</pre>";
    //echo "<pre>"; print_r($USER); echo "</pre>";
} else {
    $USER = User::getOneFromDb(['username' => 'canonical_public'], $DB);
}