Example #1
 /**
  * Logs the current user out.
  *
  * @return void
  */
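 public function logout()
 {
     // Forget the in-memory user held by this instance.
     $this->user = null;

     // Expire the SSO cookie with an empty value. A browser picks the cookie
     // to delete by name, path and domain, so the value is irrelevant to the
     // deletion; echoing the serialized session payload (presumably the
     // login / persist-code pair) back in Set-Cookie only exposes it once
     // more, and this cookie is sent without the Secure flag.
     // NOTE(review): Secure stays FALSE here because changing it only on the
     // expiring call could stop the deletion from being accepted over plain
     // HTTP; confirm the site is HTTPS-only, then set Secure on both the
     // issuing and the expiring call.
     // NOTE(review): the cookie was written with serialize(), which suggests
     // a reader that unserialize()s client-supplied data. Verify that
     // consumer; a signed JSON value avoids the object-injection exposure.
     setcookie('synergixe_sso', '', time() - 24 * 3600, "/", ".synergixe.ng", FALSE, TRUE);

     // Clear the server-side session value and the persistent login cookie.
     $this->session->forget();
     $this->cookie->forget();
 }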
 /**
  * Check to see if the user is logged in and activated.
  *
  * @return bool
  */
 public function check()
 {
     // Nothing cached on this instance yet: try to restore the user from the
     // stored credentials, session first and cookie as the fallback.
     if ($this->user === null) {
         $stored = $this->session->get();
         if (!$stored) {
             $stored = $this->cookie->get();
         }
         // The stored value must be a two-element array: the login followed
         // by the persist code. Anything else is rejected outright.
         if (!$stored || !is_array($stored) || count($stored) !== 2) {
             return false;
         }
         list($login, $persistCode) = $stored;
         try {
             $candidate = $this->getUserProvider()->findByLogin($login);
         } catch (UserNotFoundException $e) {
             // Unknown login: treat the caller as not logged in.
             return false;
         }
         // The persist code is the only thing tying the client-held value to
         // the account; a mismatch means tampered or stale session / cookie
         // data, so no login is granted.
         // NOTE(review): checkPersistCode() is not visible here; confirm it
         // compares in constant time (hash_equals) rather than with ==.
         if (!$candidate->checkPersistCode($persistCode)) {
             return false;
         }
         // Cache the verified user on this instance.
         $this->user = $candidate;
     }
     // Only the activation flag is checked from here on; this method makes
     // no ban or suspension lookup.
     $current = $this->getUser();
     return $current && $current->isActivated();
 }
 /**
  * Retrieves a token (OAuth1 token credentials or OAuth2 access
  * token) for the given provider, abstracting away the
  * differences from the user.
  *
  * @param  mixed  $provider
  * @return mixed
  * @throws \Cartalyst\SentrySocial\AccessMissingException
  */
 protected function retrieveToken($provider)
 {
     // Every provider that does not report OAuth version 1 takes the OAuth2
     // authorization-code path.
     if ($this->oauthVersion($provider) != 1) {
         $code = $this->requestProvider->getOAuth2Code();
         if (!$code) {
             throw new AccessMissingException("Missing [code] parameter.");
         }
         // NOTE(review): no OAuth2 `state` value is compared in this method.
         // Confirm the anti-CSRF state check runs before the code is
         // exchanged, otherwise a callback can be forged.
         return $provider->getAccessToken('authorization_code', array('code' => $code));
     }

     // OAuth1: both callback parameters are required before the exchange.
     $temporaryIdentifier = $this->requestProvider->getOAuth1TemporaryCredentialsIdentifier();
     if (!$temporaryIdentifier) {
         throw new AccessMissingException('Missing [oauth_token] parameter (used for OAuth1 temporary credentials identifier).');
     }
     $verifier = $this->requestProvider->getOAuth1Verifier();
     if (!$verifier) {
         throw new AccessMissingException('Missing [verifier] parameter.');
     }
     // The temporary credentials come from the session and are handed to the
     // provider together with the identifier and verifier from the request.
     // NOTE(review): the session value is passed on unchecked; confirm the
     // provider rejects missing credentials and an identifier that does not
     // match them.
     $temporaryCredentials = $this->session->get();
     return $provider->getTokenCredentials($temporaryCredentials, $temporaryIdentifier, $verifier);
 }
Example #4
	/**
	 * Check to see if the user is logged in and activated, and hasn't been banned or suspended.
	 *
	 * @return bool
	 */
	public function check()
	{
		// Nothing cached on this instance yet: try to restore the user from
		// the stored credentials, session first and cookie as the fallback.
		if ($this->user === null)
		{
			$stored = $this->session->get();

			if ( ! $stored)
			{
				$stored = $this->cookie->get();
			}

			// The stored value must be a two-element array: the user id
			// followed by the persist code. Anything else is rejected.
			if ( ! $stored || ! is_array($stored) || count($stored) !== 2)
			{
				return false;
			}

			list($id, $persistCode) = $stored;

			try
			{
				$candidate = $this->getUserProvider()->findById($id);
			}
			catch (UserNotFoundException $e)
			{
				// Unknown id: treat the caller as not logged in.
				return false;
			}

			// The persist code is the only thing tying the client-held value
			// to the account; a mismatch means tampered or stale session /
			// cookie data, so no login is granted.
			// NOTE(review): checkPersistCode() is not visible here; confirm
			// it compares in constant time (hash_equals) rather than with ==.
			if ( ! $candidate->checkPersistCode($persistCode))
			{
				return false;
			}

			// Cache the verified user on this instance.
			$this->user = $candidate;
		}

		// The cached user must exist and be activated.
		$current = $this->getUser();

		if ( ! $current || ! $current->isActivated())
		{
			return false;
		}

		// With throttling disabled there is nothing further to check.
		if ( ! $this->getThrottleProvider()->isEnabled())
		{
			return true;
		}

		// A banned or suspended account is logged out on the spot, so an
		// already established session does not outlive the ban.
		$throttle = $this->getThrottleProvider()->findByUserId($current->getId());

		if ($throttle->isBanned() || $throttle->isSuspended())
		{
			$this->logout();
			return false;
		}

		return true;
	}