Example #1
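 /**
  * Start user session: optionally issue an autologin token, regenerate the
  * session id, and store the user and roles in the session.
  *
  * @param object $user user record (its id property is read)
  * @param mixed $roles roles saved in the session when a session_roles key is configured
  * @param bool $remember pass true (strict comparison) to also issue an autologin token and cookie
  * @return bool always true
  */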
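 private function startSession($user, $roles, $remember)
 {
     // Performs no credential check of its own: the caller must already have
     // authenticated $user before invoking this method.
     if ($remember === true) {
         // Take the clock once so the stored token and the cookie expire at the same instant.
         $now = time();
         $expires = $now + $this->_config['lifetime'];
         // Create a new autologin token
         $token = new Tokens();
         $token->user_id = $user->id;
         // The user-agent digest is a binding hint only; the header is client-controlled.
         $token->user_agent = sha1(\Phalcon\DI::getDefault()->getShared('request')->getUserAgent());
         // NOTE(review): the token value is persisted as issued. Storing only a digest of it
         // would keep a leaked tokens table from yielding usable autologin cookies; that needs
         // a matching change where the cookie is verified, which is not visible here.
         $token->token = $this->create_token();
         $token->created = $now;
         $token->expires = $expires;
         // Best effort: a failed insert leaves the login valid, just without autologin.
         if ($token->create() === true) {
             // Set the autologin cookie
             // NOTE(review): no Secure/HttpOnly arguments are passed here; confirm the cookie
             // service applies them by default, since this cookie is a long-lived credential.
             $this->_cookies->set('authautologin', $token->token, $expires);
         }
     }
     // Finish the login
     $this->complete_login($user);
     // Regenerate session_id and discard the pre-login session record, so an id that was
     // known before authentication cannot be replayed afterwards (session fixation).
     // NOTE(review): the return value is not checked; if no session is active the old id stays in use.
     session_regenerate_id(true);
     // Store user in session
     $this->_session->set($this->_config['session_key'], $user);
     $this->_session->set('time', time());
     // Store user's roles in session
     if ($this->_config['session_roles']) {
         $this->_session->set($this->_config['session_roles'], $roles);
     }
     // update DB
     $this->sessionDb($user->id);
     return true;
 }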
Example #2
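 /**
  * Attempt to log in a user by using an ORM object or a username, and a plain-text password.
  *
  * @package     base-app
  * @version     2.0
  *
  * @param Users|string $user user object, or username to look up
  * @param string $password plain-text password to check against
  * @param boolean $remember enable autologin
  * @return boolean|null true on success, false when the login role or password check fails,
  *                      null when no username was given or no user was found
  */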
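 public function login($user, $password, $remember = false)
 {
     if (!$user instanceof Users) {
         $username = $user;
         // Username not specified
         if (!$username) {
             return null;
         }
         // Load the user. The username travels as a bound parameter and is never
         // concatenated into the condition string.
         $user = Users::findFirst(array('username=:username:', 'bind' => array(':username' => $username)));
     }
     if (!$user) {
         // No user found
         // NOTE(review): null (unknown user) and false (wrong password) are distinguishable,
         // and this path skips the hashing work. Callers should present both outcomes
         // identically so the difference does not reveal which usernames exist.
         return null;
     }
     $roles = $this->get_roles($user);
     // Only a string can be a password. Without this guard a non-string value skips
     // hashing and is compared raw, so a null password would equal a null stored
     // password and log the account in without any credential.
     if (!is_string($password)) {
         return false;
     }
     $stored = $user->password;
     // Accounts without a usable stored hash can never authenticate by password.
     if (!is_string($stored) || $stored === '') {
         return false;
     }
     // Create a hashed password
     // NOTE(review): what $this->hash() computes is not visible here. If it is a fast or
     // unsalted digest, password_hash()/password_verify() is the replacement; confirm.
     $computed = $this->hash($password);
     // Compare in constant time where the runtime provides hash_equals(); fall back to
     // strict comparison on older runtimes so behaviour there is unchanged.
     if (is_string($computed) && function_exists('hash_equals')) {
         $matches = hash_equals($stored, $computed);
     } else {
         $matches = ($stored === $computed);
     }
     // If user have login role and the passwords match, perform a login
     if (!isset($roles['login']) || !$matches) {
         // Login failed
         return false;
     }
     if ($remember === true) {
         // Take the clock once so the stored token and the cookie expire at the same instant.
         $now = time();
         $expires = $now + $this->_config['lifetime'];
         // Create a new autologin token
         $token = new Tokens();
         $token->user_id = $user->id;
         // The user-agent digest is a binding hint only; the header is client-controlled.
         $token->user_agent = sha1(\Phalcon\DI::getDefault()->getShared('request')->getUserAgent());
         $token->token = $this->create_token();
         $token->created = $now;
         $token->expires = $expires;
         // Best effort: a failed insert leaves the login valid, just without autologin.
         if ($token->create() === true) {
             // Set the autologin cookie
             // NOTE(review): no Secure/HttpOnly arguments are passed here; confirm the cookie
             // service applies them by default, since this cookie is a long-lived credential.
             $this->_cookies->set('authautologin', $token->token, $expires);
         }
     }
     // Finish the login
     $this->complete_login($user);
     // Regenerate session_id and discard the pre-login session record, so an id that was
     // known before authentication cannot be replayed afterwards (session fixation).
     session_regenerate_id(true);
     // Store user in session
     $this->_session->set($this->_config['session_key'], $user);
     // Store user's roles in session
     if ($this->_config['session_roles']) {
         $this->_session->set($this->_config['session_roles'], $roles);
     }
     return true;
 }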