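/**
 * Restores the authenticated user from the session or, failing that, from the
 * persistent identifier cookie.
 *
 * On success $this->user_row receives the user's row data and $this->result is
 * set from !$user->isEmpty(). Every rejection path returns without touching
 * either property, so after a rejected check they hold whatever they held
 * before the call.
 * NOTE(review): confirm both properties start out as "not authenticated" and
 * that this object is never reused after a successful check; otherwise a later
 * rejected call (for example a failed CSRF check) leaves the earlier success
 * in place.
 *
 * @param bool $with_csrf When true, the CSRF token is validated first and the
 *                        check is abandoned if it is invalid.
 * @return void
 */
public function check($with_csrf = false)
 {
     if ($with_csrf && !$this->isValidCsrfToken()) {
         return;
     }

     $key = !empty($_SESSION[self::IDENTIFIER]) ? $_SESSION[self::IDENTIFIER] : false;

     // The cookie value is client-controlled. PHP parses a cookie sent as
     // "name[]=..." into an array, so only a non-empty string is accepted as a
     // key; anything else is treated as "no cookie".
     // (Presumably Application::$request_variables['cookie'] mirrors $_COOKIE;
     // verify against Application.)
     $cookies = Application::$request_variables['cookie'];
     $cookie_key = false;
     if (!empty($cookies[self::IDENTIFIER]) && is_string($cookies[self::IDENTIFIER])) {
         $cookie_key = $cookies[self::IDENTIFIER];
     }

     if ($key) {
         // Session path: the key stored server-side is trusted as-is.
         // NOTE(review): unlike the cookie path below, this path neither checks
         // that the user id is numeric nor calls hasAccessKey() again, so an
         // access key revoked elsewhere presumably keeps working until this
         // session ends. Re-validating here is the stricter option; confirm
         // that every login path persists the access key before adding it.
         $key_manager = new KeyManager();
         $user_id = $key_manager->getPair($key)[0];
         $user = new User($this->db);
         $user->allocateById($user_id);
         $this->user_row = $user->getRowData();
         $this->result = !$user->isEmpty();
         return;
     }

     if (!$cookie_key) {
         return;
     }

     // Cookie path: split the presented key into user id and access key and
     // verify both before promoting the cookie to a session.
     $key_manager = new KeyManager();
     list($user_id, $access_key) = $key_manager->getPair($cookie_key);
     if (!is_numeric($user_id)) {
         // Malformed key: drop the cookie so it is not presented again.
         $this->removeCookie(self::IDENTIFIER);
         return;
     }

     $user = new User($this->db);
     $user->allocateById($user_id);
     // NOTE(review): hasAccessKey() is not visible here; if it compares secret
     // values directly it should do so in constant time (hash_equals()).
     if (!$user->hasAccessKey($access_key)) {
         // Unknown or revoked key: drop the cookie and stay unauthenticated.
         $this->removeCookie(self::IDENTIFIER);
         return;
     }

     // NOTE(review): the session id is not regenerated when the cookie is
     // promoted to an authenticated session. Consider session_regenerate_id()
     // at this point as a session-fixation defence; confirm how setSession()
     // manages the session first.
     $this->setSession(self::IDENTIFIER, $cookie_key);
     $this->user_row = $user->getRowData();
     $this->result = !$user->isEmpty();
 }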
Exemple #2
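 /**
  * Logs the given user out: revokes the access key recorded in the session,
  * then clears the session entry and the identifier cookie.
  *
  * The session entry and the cookie are cleared even when no access key can
  * be recovered from the session, so logging out with an expired or empty
  * session still removes the client-side state.
  *
  * @param User $user The user whose access key is revoked.
  * @return void
  */
 public function logout($user)
 {
     // Only look up and revoke a key when the session actually holds one.
     // Reading the entry unconditionally would pass null to getPair() and then
     // to removeAccessKey() when the session has already expired.
     if (!empty($_SESSION[CheckAuthorization::IDENTIFIER])
         && is_string($_SESSION[CheckAuthorization::IDENTIFIER])
     ) {
         $key_manager = new KeyManager();
         $pair = $key_manager->getPair($_SESSION[CheckAuthorization::IDENTIFIER]);
         // Index 1 is the access key; index 0 (the user id) is not needed here.
         // NOTE(review): the user id in the pair is not compared with $user;
         // confirm callers always pass the user that owns this session.
         if (is_array($pair) && isset($pair[1])) {
             $this->removeAccessKey($user, $pair[1]);
         }
     }

     $this->removeSession(CheckAuthorization::IDENTIFIER);
     $this->removeCookie(CheckAuthorization::IDENTIFIER);
     $this->result = true;
 }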