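/**
 * Starts a new session for a user: records the login, drops the user's
 * expired auth tokens, then creates and stores a fresh token and, when
 * self::$setCookieOnRegisterSession is set, hands it to the session manager
 * as a cookie.
 *
 * @param Users $vo_User                   user being logged in
 * @param bool  $b_ReturnAuthTokenAsString when true, the new token is returned
 *
 * @return string|null the new token when requested, otherwise nothing
 *
 * @throws RuntimeException                  when no random bytes could be obtained
 * @throws InvalidDatabaseOperationException when the new token cannot be saved
 */
private function RegisterSession(Users $vo_User, $b_ReturnAuthTokenAsString = false)
 {
     // Log the login.
     // NOTE(review): ip2long() returns false for anything that is not a
     // dotted-quad IPv4 address (IPv6 peers included), and REMOTE_ADDR is the
     // immediate peer, i.e. the proxy when one sits in front of the app.
     // Confirm the login log copes with both.
     UserLoginLogDAO::save(new UserLoginLog(array('user_id' => $vo_User->user_id, 'ip' => ip2long($_SERVER['REMOTE_ADDR']))));
     // Expire the local session cache.
     self::$current_session = null;
     $userId = $vo_User->getUserId();
     // Erase expired tokens. Best effort: a failed cleanup must not block the login.
     try {
         AuthTokensDAO::expireAuthTokens($userId);
     } catch (Exception $e) {
         // The call must sit inside the braces; "{$e->getMessage}()" reads an
         // undefined property and logs a literal "()" instead of the message.
         self::$log->error("Failed to delete expired tokens: {$e->getMessage()}");
     }
     // Create the new token. Prefer random_bytes() where it exists: the mcrypt
     // extension was deprecated in PHP 7.1 and removed from core in 7.2.
     $randomBytes = function_exists('random_bytes')
         ? random_bytes(SessionController::AUTH_TOKEN_ENTROPY_SIZE)
         : mcrypt_create_iv(SessionController::AUTH_TOKEN_ENTROPY_SIZE, MCRYPT_DEV_URANDOM);
     // Fail closed: mcrypt_create_iv() returns false on failure, and
     // bin2hex(false) is '', which would leave a token with no randomness.
     if (!is_string($randomBytes) || strlen($randomBytes) !== SessionController::AUTH_TOKEN_ENTROPY_SIZE) {
         throw new RuntimeException('Unable to generate auth token entropy');
     }
     $entropy = bin2hex($randomBytes);
     // Token layout: <entropy>-<user id>-sha256(salt . user id . entropy).
     $s_AuthT = $entropy . '-' . $userId . '-' . hash('sha256', OMEGAUP_MD5_SALT . $userId . $entropy);
     $vo_AuthT = new AuthTokens();
     $vo_AuthT->setUserId($userId);
     $vo_AuthT->setToken($s_AuthT);
     try {
         AuthTokensDAO::save($vo_AuthT);
     } catch (Exception $e) {
         throw new InvalidDatabaseOperationException($e);
     }
     if (self::$setCookieOnRegisterSession) {
         $sm = $this->getSessionManagerInstance();
         // NOTE(review): only name, value, 0 and '/' are passed here, so any
         // Secure / HttpOnly / SameSite attributes have to come from the
         // session manager. Confirm it sets them for this bearer token.
         $sm->setCookie(OMEGAUP_AUTH_TOKEN_COOKIE_NAME, $s_AuthT, 0, '/');
     }
     // Remove whatever the cache holds under the session prefix for this token.
     Cache::deleteFromCache(Cache::SESSION_PREFIX, $s_AuthT);
     if ($b_ReturnAuthTokenAsString) {
         return $s_AuthT;
     }
 }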
Beispiel #2
 /**
  * A token whose creation time has been rewound must no longer be
  * retrievable once the same user logs in again.
  */
 public function testDeleteTokenExpired()
 {
     // Fresh omegaup account plus a first session for it.
     $account = UserFactory::createUser();
     $firstToken = self::login($account);
     // Age the stored token by hand: move its creation time nine hours back
     // (presumably past the token lifetime; the limit is not visible here).
     $storedToken = AuthTokensDAO::getByPK($firstToken);
     $rewoundTimestamp = strtotime($storedToken->getCreateTime() . ' - 9 hour');
     $storedToken->setCreateTime(date('Y-m-d H:i:s', $rewoundTimestamp));
     AuthTokensDAO::save($storedToken);
     // A second login is what triggers the cleanup; its token is not needed.
     self::login($account);
     // The aged token must be gone.
     $this->assertNull(AuthTokensDAO::getByPK($firstToken));
 }