public function validate($token_string) { $signer = new Sha256(); $token = (new Parser())->parse((string) $token_string); if ($token->validate($signer, $this->configuration->get('auth-key')) === false) { throw new AuthenticationException("Token mismatch!"); } $id = $token->getClaim('uid'); $user = new UserView($this->configuration, $this->database); $user->load($id); if ($user->enabled() === false) { throw new AuthenticationException("Account locked, please contact administrator."); } return $user; }