/**
* @param IToken $dbToken
* @param string $token
* @return boolean
*/
private function checkTokenCredentials(IToken $dbToken, $token)
{
// Check whether login credentials are still valid and the user was not disabled
// This check is performed each 5 minutes
$lastCheck = $dbToken->getLastCheck() ?: 0;
$now = $this->timeFacory->getTime();
if ($lastCheck > $now - 60 * 5) {
// Checked performed recently, nothing to do now
return true;
}
try {
$pwd = $this->tokenProvider->getPassword($dbToken, $token);
} catch (InvalidTokenException $ex) {
// An invalid token password was used -> log user out
return false;
} catch (PasswordlessTokenException $ex) {
// Token has no password
if (!is_null($this->activeUser) && !$this->activeUser->isEnabled()) {
$this->tokenProvider->invalidateToken($token);
return false;
}
$dbToken->setLastCheck($now);
$this->tokenProvider->updateToken($dbToken);
return true;
}
if ($this->manager->checkPassword($dbToken->getLoginName(), $pwd) === false || !is_null($this->activeUser) && !$this->activeUser->isEnabled()) {
$this->tokenProvider->invalidateToken($token);
// Password has changed or user was disabled -> log user out
return false;
}
$dbToken->setLastCheck($now);
$this->tokenProvider->updateToken($dbToken);
return true;
}
/**
* @param IToken $token
*/
private function updateToken(IToken $token)
{
// To save unnecessary DB queries, this is only done once a minute
$lastTokenUpdate = $this->session->get('last_token_update') ?: 0;
$now = $this->timeFacory->getTime();
if ($lastTokenUpdate < $now - 60) {
$this->tokenProvider->updateToken($token);
$this->session->set('last_token_update', $now);
}
}
