/**
* Tries to authenticate a user against the user gateway.
*
* @param mixed any args are passed through to the user gateway
* @return T_Auth_Registry fluent interface
* @throws T_Exception_Auth if the authentication fails
*/
function authenticate()
{
$args = func_get_args();
$auth = call_user_func_array(array($this->user_gw, 'authenticate'), $args);
if ($auth) {
if ($user = $auth->getUser()) {
// populate roles from user
$roles = $this->role_gw->getCollectionByUser($user);
$auth->setRole($roles);
}
$this->setAuth($auth);
}
return $this;
}
function insertRole(T_Role_Gateway $gateway)
{
$gateway->save($role = $this->createRole());
return $role;
}
/**
* Get any auth available.
*
* @param T_User_Gateway $user_gw
* @param T_Role_Gateway $role_gw
* @return T_Auth|false auth if available or false if not
*/
function get($user_gw, $role_gw)
{
if (!$this->cookie->exists($this->key)) {
return false;
}
// lookup token in db
$token = $this->cookie->asScalar($this->key)->filter(new T_Validate_HexHash())->uncage();
if (mt_rand(1, 20) == 10) {
// 1/20 clear old records
$sql = 'DELETE FROM person_auth_token WHERE expiry<' . time();
$this->db->master()->query($sql);
}
$sql = 'SELECT person,expiry ' . 'FROM person_auth_token ' . 'WHERE expiry>? AND token=?';
$result = $this->db->slave()->query($sql, array(time(), $token));
// if the token has not been found, remove it
// (it has probably expired).
if (count($result) != 1) {
$this->destroy();
return false;
}
// token has been found, so get the user and roles associated
// with the token and create auth package
$row = $result->fetch();
$user = $user_gw->getById($row['person']);
$role = $role_gw->getCollectionByUser($user);
$auth = new T_Auth(T_Auth::TOKEN, $user, $role);
// delete the use once token
$sql = 'DELETE FROM person_auth_token ' . 'WHERE token=?';
$this->db->master()->query($sql, array($token));
// add a new persistent login token
$this->createToken($user, $row['expiry']);
return $auth;
}
