| Authentication
|--------------------------------------------------------------------------
|
*/
$user = null;
if (isset($_GET['t']) && isset($_GET['h'])) {
if (Sentinel::isAuthSet()) {
// perhaps auth has been deactivated since link generation
$accesstoken = $_GET['t'];
$username = Sentinel::getUsernameFromAccessToken($accesstoken);
if (is_null($username)) {
// User does not exist anymore
http404();
}
// Sign in user
$user = Sentinel::signInWithAccessToken($accesstoken);
// Check the security hash
if (!Sentinel::isSignValid($_GET['h'], array('f' => $file_id), $username)) {
http403();
}
}
} else {
if (!isset($_GET['t']) && isset($_GET['h'])) {
http404();
} else {
if (isset($_GET['t']) && !isset($_GET['h'])) {
http404();
}
}
}
/*
