public function authenticate($username, $password) { if ($this->hasIdentity()) { return true; } $users = new Users(); if (($user = $users->authenticate($username, $password)) !== false) { $s = $this->session; $s->regenerate(true); $s->write('__auth', $user['username']); $s->write('__id', $user['id']); $s->write('__time', time()); $token = md5(uniqid(rand(), true)); $s->write('__token', $token); UserSession::create()->entry($user['id'], $token, session_id()); $this->userInfo = $user; return $user; } session_write_close(); return false; }