public function signIn(Identity $identity) { // TODO multi identity login $session = new Session(); $session->identityId = $identity->id; $users = $this->getUsersByIdentityId($identity->id); if (!$users) { // inactive identity $identity->delete(); throw new Exception('Identity without users found, deleted', Exception::IDENTITY_WITHOUT_USERS); } if (isset($_COOKIE[$this->settings->sessionName])) { Session::statement()->delete()->where('? = ?', Session::columns()->token, $_COOKIE[$this->settings->sessionName])->query(); } do { $token = $this->createSessionId(); } while (Session::findByToken($token)); setcookie($this->settings->sessionName, $token, time() + $this->settings->expireTime, '/', null, null, true); $session->identityId = $identity->id; $session->token = $token; $session->createdAt = TimeMachine::getInstance()->now(); $session->save(); }