/**
 * Start the authenticated session for a user.
 *
 * When $remember is strictly true, an autologin token row is created and,
 * if the row is saved, the token value is sent back in the 'authautologin'
 * cookie. The session id is then regenerated and the user (plus roles, when
 * a roles key is configured) is written into the session.
 *
 * @param object $user     user record; its `id` property is read here
 * @param mixed  $roles    roles stored in the session as given
 * @param mixed  $remember only a strict boolean true enables autologin
 * @return bool always true
 */
private function startSession($user, $roles, $remember)
{
    if ($remember === true) {
        $request = \Phalcon\DI::getDefault()->getShared('request');

        // Build the autologin token record
        $autologin = new Tokens();
        $autologin->user_id = $user->id;
        // Only a SHA-1 digest of the User-Agent header is kept on the token
        $autologin->user_agent = sha1($request->getUserAgent());
        $autologin->token = $this->create_token();
        $autologin->created = time();
        $autologin->expires = time() + $this->_config['lifetime'];

        $saved = $autologin->create();
        if ($saved === true) {
            // NOTE(review): only name, value and expiry are passed, so the
            // Secure/HttpOnly behaviour of this cookie depends on the cookie
            // service defaults - confirm. The same token value is persisted
            // and sent to the client; storing a digest of it server-side
            // would limit the impact of a leaked tokens table - confirm
            // against the code that validates the cookie.
            $this->_cookies->set(
                'authautologin',
                $autologin->token,
                time() + $this->_config['lifetime']
            );
        }
    }

    // Finish the login
    $this->complete_login($user);

    // New session id for the authenticated session (session-fixation defence).
    // NOTE(review): called without arguments, so PHP keeps the old session
    // record; session_regenerate_id(true) would delete it.
    session_regenerate_id();

    // Persist the user and the login time in the session
    $userKey = $this->_config['session_key'];
    $this->_session->set($userKey, $user);
    $this->_session->set('time', time());

    // Roles are stored only when a roles key is configured
    $rolesKey = $this->_config['session_roles'];
    if ($rolesKey) {
        $this->_session->set($rolesKey, $roles);
    }

    // update DB
    $this->sessionDb($user->id);

    return true;
}
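/**
 * Attempt to log in a user by using an ORM object and plain-text password.
 *
 * The submitted password is hashed with $this->hash() and compared with the
 * stored value. Only string values are compared, and the comparison is
 * constant-time where hash_equals() is available.
 *
 * @package     base-app
 * @version     2.0
 *
 * @param   mixed    $user      Users instance, or the username to look up
 * @param   string   $password  plain-text password to check against
 * @param   boolean  $remember  enable autologin (strict true only)
 * @return  boolean|null  true on success, false when the role or password
 *                        check fails, null when no username was given or no
 *                        user was found
 */
public function login($user, $password, $remember = false)
{
    if (!$user instanceof Users) {
        $username = $user;

        // Username not specified
        if (!$username) {
            return null;
        }

        // Load the user; the username is passed as a bound parameter.
        // NOTE(review): the separator between the condition string and the
        // 'bind' key was unreadable in the reviewed copy and is written here
        // as a plain comma - confirm against the repository.
        $user = Users::findFirst(array('username=:username:', 'bind' => array(':username' => $username)));
    }

    // No user found
    if (!$user) {
        return null;
    }

    $roles = $this->get_roles($user);

    // Create a hashed password. A non-string password is never hashed and
    // never accepted: previously it was compared with === as-is, so a null
    // password would have matched an account whose stored password is NULL.
    $candidate = is_string($password) ? $this->hash($password) : null;
    $stored = $user->password;

    $matches = false;
    if (is_string($candidate) && is_string($stored)) {
        // Constant-time comparison so response timing does not depend on how
        // many leading characters of the two hashes agree. The fallback keeps
        // the method working on PHP versions without hash_equals().
        $matches = function_exists('hash_equals')
            ? hash_equals($stored, $candidate)
            : $stored === $candidate;
    }

    // NOTE(review): hash() is defined outside this block; if it is a fast
    // digest rather than password_hash(), consider migrating - confirm.

    // The user needs the login role and a matching password
    if (!isset($roles['login']) || !$matches) {
        // Login failed
        return false;
    }

    // NOTE(review): everything below repeats startSession(), except that
    // startSession() also stores 'time' in the session and calls sessionDb();
    // consider delegating once it is confirmed those extra steps are wanted.
    if ($remember === true) {
        // Create a new autologin token
        $token = new Tokens();
        $token->user_id = $user->id;
        $token->user_agent = sha1(\Phalcon\DI::getDefault()->getShared('request')->getUserAgent());
        $token->token = $this->create_token();
        $token->created = time();
        $token->expires = time() + $this->_config['lifetime'];

        if ($token->create() === true) {
            // Set the autologin cookie
            $this->_cookies->set('authautologin', $token->token, time() + $this->_config['lifetime']);
        }
    }

    // Finish the login
    $this->complete_login($user);

    // Regenerate session_id so a pre-login session id is not carried into
    // the authenticated session
    session_regenerate_id();

    // Store user in session
    $this->_session->set($this->_config['session_key'], $user);

    // Store user's roles in session
    if ($this->_config['session_roles']) {
        $this->_session->set($this->_config['session_roles'], $roles);
    }

    return true;
}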