/** * Check to see if the user is logged in and activated. * * @return bool */ public function check() { if (is_null($this->user)) { // Check session first, follow by cookie if (!($userArray = $this->session->get()) and !($userArray = $this->cookie->get())) { return false; } // Now check our user is an array with two elements, // the username followed by the persist code if (!is_array($userArray) or count($userArray) !== 2) { return false; } list($login, $persistCode) = $userArray; // Let's find our user try { $user = $this->getUserProvider()->findByLogin($login); } catch (UserNotFoundException $e) { return false; } // Great! Let's check the session's persist code // against the user. If it fails, somebody has tampered // with the cookie / session data and we're not allowing // a login if (!$user->checkPersistCode($persistCode)) { return false; } // Now we'll set the user property on Sentry $this->user = $user; } // Let's check our cached user is indeed activated if (!($user = $this->getUser()) or !$user->isActivated()) { return false; } return true; }
/** * Check to see if the user is logged in and activated, and hasn't been banned or suspended. * * @return bool */ public function check() { if (is_null($this->user)) { // Check session first, follow by cookie if (!($userArray = $this->session->get()) and !($userArray = $this->cookie->get())) { return false; } // Now check our user is an array with two elements, // the username followed by the persist code if (!is_array($userArray) or count($userArray) !== 2) { return false; } list($id, $persistCode) = $userArray; // Let's find our user try { $user = $this->getUserProvider()->findById($id); } catch (UserNotFoundException $e) { return false; } // Great! Let's check the session's persist code // against the user. If it fails, somebody has tampered // with the cookie / session data and we're not allowing // a login if (!$user->checkPersistCode($persistCode)) { return false; } // Now we'll set the user property on Sentry $this->user = $user; } // Let's check our cached user is indeed activated if (!($user = $this->getUser()) or !$user->hasActivationRelaxed()) { return false; } // If throttling is enabled we check it's status if ($this->getThrottleProvider()->isEnabled()) { // Check the throttle status $throttle = $this->getThrottleProvider()->findByUser($user); if ($throttle->isBanned() or $throttle->isSuspended()) { $this->logout(); return false; } } return true; }