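/**
 * Resolves the current user from the session key or, failing that, from the
 * persistent cookie.
 *
 * On success $this->user_row and $this->result are set. When neither a session
 * key nor a cookie key is present nothing is touched (unchanged behaviour). A
 * cookie that does not map to a numeric user id and a matching access key is
 * removed and the request stays unauthenticated.
 *
 * @param bool $with_csrf When true the request must also carry a valid CSRF
 *                        token; otherwise no user is resolved at all.
 */
public function check($with_csrf = false)
{
    if ($with_csrf && !$this->isValidCsrfToken()) {
        return;
    }

    $session_key = !empty($_SESSION[self::IDENTIFIER]) ? $_SESSION[self::IDENTIFIER] : false;

    if ($session_key) {
        // Session path. The pair is still checked for a numeric user id so a
        // stale or malformed key cannot reach allocateById(); the cookie path
        // below already does this and the two paths should agree.
        $key_manager = new KeyManager();
        $user_id = $key_manager->getPair($session_key)[0];
        if (!is_numeric($user_id)) {
            $this->result = false;
            return;
        }
        $user = new User($this->db);
        $user->allocateById($user_id);
        $this->user_row = $user->getRowData();
        $this->result = !$user->isEmpty();
        return;
    }

    $cookies = isset(Application::$request_variables['cookie']) ? Application::$request_variables['cookie'] : array();
    $cookie_key = !empty($cookies[self::IDENTIFIER]) ? $cookies[self::IDENTIFIER] : false;
    if (!$cookie_key) {
        return;
    }

    // Cookie path: the cookie is untrusted input, so both halves of the pair
    // are verified against the user record before a session is established.
    $key_manager = new KeyManager();
    list($user_id, $access_key) = $key_manager->getPair($cookie_key);
    if (!is_numeric($user_id)) {
        $this->removeCookie(self::IDENTIFIER);
        return;
    }
    $user = new User($this->db);
    $user->allocateById($user_id);
    if (!$user->hasAccessKey($access_key)) {
        $this->removeCookie(self::IDENTIFIER);
        return;
    }

    // The cookie is about to elevate an anonymous session to an authenticated
    // one, so drop the pre-authentication session id (fixation defence). Only
    // done when a session is actually active to avoid warnings elsewhere.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // Promote the cookie key into the session so later requests take the
    // cheaper session path.
    $this->setSession(self::IDENTIFIER, $cookie_key);
    $this->user_row = $user->getRowData();
    $this->result = !$user->isEmpty();
}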
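/**
 * Authenticates the user described by $this->data (email, password, domain)
 * and, on success, issues a persistent access key plus the matching CSRF
 * cookie and marks the session as signed in.
 *
 * $this->result is left untouched when the user is unknown, the company domain
 * does not resolve, the user belongs to another company, or the password does
 * not match; the four failures are deliberately indistinguishable to callers.
 */
public function signIn()
{
    $email = $this->data['email'];
    $password = $this->data['password'];
    $company_domain = $this->data['domain'];

    $user = new User($this->db);
    $user->allocateByEmail($email);
    $company = new Company($this->db);
    $company->allocateByDomain($company_domain);

    // Loose != is kept on purpose: getId()/getCompanyId() are project methods
    // that may return the id as string or int — confirm before tightening to !==.
    $rejected = $user->isEmpty()
        || $company->isEmpty()
        || $company->getId() != $user->getCompanyId()
        || !$user->isPasswordEqual($password);
    if ($rejected) {
        return;
    }

    $user->updateRecentActivityTime();

    $key_manager = new KeyManager();
    $access_key = $this->generateKey();
    $key = $key_manager->createKey($user->getId(), $access_key);
    // NOTE(review): the CSRF token is a deterministic function of the auth key,
    // so it adds no secret beyond the key itself. isValidCsrfToken() (not in
    // view) presumably recomputes this same hash, so the derivation is left
    // unchanged here; replace both sides together if a random token is wanted.
    $csrf_token = sha1($key . 'success');
    $user->addAccessKey($access_key);

    // Privilege changes at this point, so discard the pre-login session id
    // (fixation defence); only when a session is actually active.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $expires = time() + 365 * 24 * 3600;
    // HTTP_HOST is absent under CLI/test runs; fall back to the empty domain
    // rather than emitting a notice.
    $cookie_domain = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    // NOTE(review): setCookie() is a project wrapper — confirm it sets HttpOnly
    // and Secure on the auth cookie, since the key alone grants access.
    $this->setCookie(CheckAuthorization::IDENTIFIER, $key, $expires, '/', $cookie_domain);
    $this->setCookie(CheckAuthorization::CSRF_TOKEN_NAME, $csrf_token, $expires, '/', $cookie_domain);
    $this->setSession(CheckAuthorization::IDENTIFIER, $key);
    $this->result = true;
}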