public function userLogin() { $user = UserQuery::create()->filterByEmail($this->request_body->email)->filterByPassword(md5($this->request_body->password))->findOne(); if (null === $user) { throw new Exception("Incorrect username or password.", 401); } // TODO: Add previous token invalidation $token = new AccessToken(); $token->setTokenContent(uniqid()); $token->setUser($user); $token->save(); return array('user' => $user->toArray(), 'token' => $token->toArray()); }