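/**
 * Checks a username/password pair and turns known failure codes into exceptions.
 *
 * The credentials are handed to Session::validate() unchanged, together with
 * the fingerprint of the current request.
 *
 * @param mixed $username Passed through to Session::validate().
 * @param mixed $password Passed through to Session::validate().
 *
 * @return mixed Whatever Session::validate() returned, unless it was one of
 *               the two integer codes handled below.
 *
 * @throws ServiceException With the original code when Session::validate()
 *                          reports ERR_MISMATCH or ERR_EXISTS.
 */
function validate($username, $password)
{
    $res = Session::validate($username, $password, $this->request()->fingerprint());

    if (is_int($res)) {
        // No `break` after the throws: the statements would be unreachable.
        switch ($res) {
            case Session::ERR_MISMATCH:
                throw new ServiceException('Username and password mismatch.', $res);

            case Session::ERR_EXISTS:
                throw new ServiceException('Session already exists.', $res);
        }

        // NOTE(review): any other integer code falls through and is returned
        // as-is. If Session::validate() can report further non-zero error codes,
        // a caller that only tests the result for truthiness would read them as
        // success — confirm callers compare against the expected success value.
    }

    return $res;
}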
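/**
 * Query contents with current configuration key from the database,
 * and update the local stored value.
 *
 * Root objects (no parent) rebuild their value from these sources, each later
 * one overriding keys of the earlier ones:
 *   1. the database node for this key, when a connection exists;
 *   2. FALLBACK_DIRECTORY/<key>.json, then FALLBACK_DIRECTORY/<key>.yaml;
 *   3. FALLBACK_DIRECTORY/<key>.<hostname>.json, then the matching .yaml.
 *
 * Child objects bind to the entry named by their key inside the parent's value.
 *
 * @throws exceptions\FrameworkException When a readable JSON or YAML file does
 *                                       not decode to a non-empty/array value.
 */
function update()
{
    // Root objects will get value from database upon creation
    if ($this->parentObject === null) {
        $confObj = array();

        // Database support
        if (Database::isConnected()) {
            $res = (array) @Node::getOne(array(
                Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_CONFIGURATION,
                '@key' => $this->key,
            ));

            // Strip the lookup fields so only configuration values remain.
            unset($res['@key'], $res[Node::FIELD_COLLECTION]);

            $confObj += $res;

            unset($res);
        }

        // basenames to search: the plain key first, then the host-specific variant.
        // gethostname() returns false on failure, in which case the plain
        // basename is simply processed a second time.
        $basenames = array('', gethostname());

        array_walk($basenames, function ($basename) use (&$confObj) {
            if ($basename) {
                $basename = ".{$basename}";
            }

            // NOTE(review): $this->key goes into the path unfiltered. If a key
            // can ever carry externally supplied text, separators or ".." would
            // resolve outside FALLBACK_DIRECTORY — confirm keys are constrained
            // where they are assigned.
            $basename = self::FALLBACK_DIRECTORY . "/{$this->key}{$basename}";

            // JSON Support
            $res = "{$basename}.json";
            if (is_readable($res)) {
                $res = (array) @ContentDecoder::json(file_get_contents($res), 1);
                if ($res) {
                    // Left operand wins on duplicate keys: file values override
                    // what has been collected so far.
                    $confObj = $res + $confObj;
                } else {
                    // An empty decode result is also reported as a failure here.
                    throw new exceptions\FrameworkException('JSON file exists but decode failed.');
                }
            }
            unset($res);

            // YAML support (symfony/yaml)
            // NOTE(review): class_exists('Yaml') looks up a global `Yaml` class;
            // presumably it is aliased to the symfony/yaml parser — confirm.
            if (class_exists('Yaml')) {
                $res = "{$basename}.yaml";
                if (is_readable($res)) {
                    // Hand the parser the file's text, not its path: symfony/yaml
                    // 3.0 and later treat the argument as YAML content, so a bare
                    // path would parse to a string and always hit the exception.
                    $yamlText = file_get_contents($res);
                    $res = $yamlText === false ? null : Yaml::parse($yamlText);

                    // Sorry mate, at least an array.
                    if (is_array($res)) {
                        $confObj = $res + $confObj;
                    } else {
                        throw new exceptions\FrameworkException('YAML file exists but decode failed.');
                    }
                }
                unset($res);
            }
        });
    } else {
        // Bind by reference to this key's slot inside the parent's value.
        $confObj =& $this->parentObject->__valueOf();
        $confObj =& $confObj[$this->key];
    }

    $this->contents =& $confObj;
}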
/**
 * Loads data into the current instance from its collection.
 *
 * An empty $identity is a no-op. The value is passed through
 * Database::escapeValue() before it is used in the filter.
 *
 * @param {array|string|number} $identity Scalar types are matched against the
 *                                        primary key; arrays are merged into the
 *                                        filter as additional criteria.
 *
 * @return $this
 */
function load($identity)
{
    if (!$identity) {
        return $this;
    }

    $identity = Database::escapeValue($identity);

    $criteria = array(Node::FIELD_COLLECTION => self::collectionName());

    if (is_scalar($identity)) {
        $criteria[$this->_primaryKey] = $identity;
    } elseif (is_array($identity)) {
        // `+=` keeps keys that are already set, so a caller-supplied array
        // cannot replace the collection restriction above.
        // NOTE(review): whether Database::escapeValue() also covers array keys
        // is not visible here — confirm before passing request data as keys.
        $criteria += $identity;
    }

    // Presumably beforeLoad() takes the filter by reference and may set it to
    // false to cancel the load — the check below relies on that.
    $this->beforeLoad($criteria);

    if ($criteria === false) {
        return $this;
    }

    $this->data((array) @Node::getOne($criteria));
    $this->afterLoad();

    return $this;
}
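/**
 * Permission ensuring function, and session keep-alive point.
 * This function should be called on the initialization stage of every page load.
 *
 * CAUTION: When $token is specified, extended security is performed on the current session.
 * Current session can expire with constant Session::ERR_EXPIRED after 30 minutes of inactivity
 * (the window actually applied is static::EXPIRE_TIME).
 *
 * @param $sid         Session identifier; an empty value yields ERR_INVALID.
 * @param $token       Optional, decided as a one-time key to have advanced security over AJAX calls.
 *                     This token string should be obtained from function requestToken.
 * @param $fingerprint Optional client fingerprint, used as part of the session lookup.
 *
 * @return bool|int TRUE on access permitted; FALSE on a one-time token mismatch;
 *                  static::ERR_INVALID when no matching session exists;
 *                  static::ERR_EXPIRED when the session is past its lifetime.
 *                  Callers must test for `=== true`: the error codes are not
 *                  guaranteed to be falsy.
 */
static function ensure($sid, $token = null, $fingerprint = null)
{
    if (!$sid) {
        return static::ERR_INVALID;
    }

    // NOTE(review): with the default $fingerprint = null the lookup filters on a
    // null fingerprint; how Node::getOne() treats that is not visible here —
    // confirm it cannot match a session bound to a different client.
    $res = Node::getOne(array(
        Node::FIELD_COLLECTION => FRAMEWORK_COLLECTION_SESSION,
        'sid' => util::packUuid($sid),
        'fingerprint' => $fingerprint,
    ));

    if (!$res) {
        return static::ERR_INVALID;
    }

    // One-time token mismatch
    if ($token || $res['token']) {
        $expected = $res['token'];
        $supplied = util::packUuid($token);

        // Require two strings so that no type juggling (null, false, numeric
        // strings) can make distinct tokens compare equal.
        // Assumes the stored token and packUuid() output are both strings — TODO confirm.
        if (!is_string($expected) || !is_string($supplied)) {
            return false;
        }

        // Constant-time comparison where available (PHP >= 5.6); strict
        // comparison otherwise.
        $matches = function_exists('hash_equals')
            ? hash_equals($expected, $supplied)
            : $expected === $supplied;

        if (!$matches) {
            return false;
        }
    }

    // Session expired
    // strtotime() returns false for an unparsable stored timestamp, which
    // compares as expired.
    if (strtotime($res['timestamp']) < strtotime(static::EXPIRE_TIME)) {
        return static::ERR_EXPIRED;
    }

    unset($res['timestamp'], $res['token']);

    // Update timestamp
    // Presumably Node::set() refreshes the timestamp and clears the consumed
    // token because both fields were removed above — verify against Node::set().
    Node::set($res);

    static::$currentSession = $res;

    return true;
}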