static function token_login($user, $pwd)
{
list($label, self::$token_id) = explode("-", $user);
if (!self::$token_id) {
Error::http(400, "Missing or invalid token id.");
}
$sql = "SELECT tokens.user_id, users.name, tokens.login_provider, UNIX_TIMESTAMP(tokens.updated) as updated\n\t\t\tFROM tokens LEFT JOIN users ON tokens.user_id=users.user_id\n\t\t\tWHERE token_id=? AND ((token_val='0' AND otk=?) OR (token_val!=0 AND token_val=?))";
$rows = DBquery::get($sql, array(self::$token_id, $pwd, $pwd));
if (!$rows) {
Error::http(401, "Invalid credentials for token ID='" . self::$token_id . "'.");
}
$updated = $rows[0]['updated'];
//if ($updated AND time() - $updated > 86400) Error::http(401, "The login-enabled token#". self::$token_id ." for this user has expired (maximum 24-hours API session reached.).");
self::$user_id = $rows[0]['user_id'];
self::$name = $rows[0]['name'];
self::$otk = $pwd;
self::$login_provider = $rows[0]['login_provider'];
}
