function makeNew($user) { $login_token = Login_token::getKV('user_id', $user->id); if (!empty($login_token)) { $login_token->delete(); } $login_token = new Login_token(); $login_token->user_id = $user->id; $login_token->token = common_random_hexstr(16); $login_token->created = common_sql_now(); $result = $login_token->insert(); if (!$result) { common_log_db_error($login_token, 'INSERT', __FILE__); // TRANS: Exception thrown when trying creating a login token failed. // TRANS: %s is the user nickname for which token creation failed. throw new Exception(sprintf(_('Could not create login token for %s'), $user->nickname)); } return $login_token; }
function prepare($args) { parent::prepare($args); if (common_is_real_login()) { // TRANS: Client error displayed trying to use "one time password login" when already logged in. $this->clientError(_('Already logged in.')); } $id = $this->trimmed('user_id'); if (empty($id)) { // TRANS: Client error displayed trying to use "one time password login" without specifying a user. $this->clientError(_('No user ID specified.')); } $this->user = User::getKV('id', $id); if (empty($this->user)) { // TRANS: Client error displayed trying to use "one time password login" without using an existing user. $this->clientError(_('No such user.')); } $this->token = $this->trimmed('token'); if (empty($this->token)) { // TRANS: Client error displayed trying to use "one time password login" without specifying a login token. $this->clientError(_('No login token specified.')); } $this->lt = Login_token::getKV('user_id', $id); if (empty($this->lt)) { // TRANS: Client error displayed trying to use "one time password login" without requesting a login token. $this->clientError(_('No login token requested.')); } if ($this->lt->token != $this->token) { // TRANS: Client error displayed trying to use "one time password login" while specifying an invalid login token. $this->clientError(_('Invalid login token specified.')); } if ($this->lt->modified > time() + Login_token::TIMEOUT) { //token has expired //delete the token as it is useless $this->lt->delete(); $this->lt = null; // TRANS: Client error displayed trying to use "one time password login" while specifying an expired login token. $this->clientError(_('Login token expired.')); } $this->rememberme = $this->boolean('rememberme'); $this->returnto = $this->trimmed('returnto'); return true; }