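/**
 * Validate the current session against its auth token and the user's state.
 *
 * Returns without doing anything when no session is available. Logs the user
 * out when the session has no valid token, when the token's password can no
 * longer be retrieved, when that password is rejected by the user manager, or
 * when the user is disabled.
 *
 * The credential and account-state check runs at most once every five minutes
 * per session (tracked in the 'last_login_check' session value). Within an
 * existing session, a password change or a disabled account can therefore go
 * unnoticed until that window has elapsed.
 *
 * @param IUser $user the user the current session belongs to
 */
protected function validateSession(IUser $user) {
    try {
        $sessionId = $this->session->getId();
    } catch (SessionNotAvailableException $ex) {
        // No session, nothing to validate
        return;
    }

    try {
        $token = $this->tokenProvider->getToken($sessionId);
    } catch (InvalidTokenException $ex) {
        // Session was invalidated
        $this->logout();
        return;
    }

    // Check whether login credentials are still valid and the user was not disabled
    // This check is performed every 5 minutes
    $lastCheck = $this->session->get('last_login_check') ?: 0;
    $now = $this->timeFacory->getTime();
    if ($lastCheck < $now - 60 * 5) {
        try {
            $pwd = $this->tokenProvider->getPassword($token, $sessionId);
        } catch (InvalidTokenException $ex) {
            // An invalid token password was used -> log user out
            $this->logout();
            return;
        } catch (PasswordlessTokenException $ex) {
            // Token has no password, so there is no credential to verify. The
            // account state must still be enforced here; otherwise a disabled
            // user holding a passwordless token would never be logged out.
            if (!$user->isEnabled()) {
                $this->logout();
                return;
            }
            $this->session->set('last_login_check', $now);
            // NOTE(review): this path returns before updateToken(), so a
            // passwordless token is not refreshed on the requests where the
            // periodic check runs. Confirm that this is intended.
            return;
        }

        if ($this->manager->checkPassword($token->getLoginName(), $pwd) === false
            || !$user->isEnabled()) {
            // Password has changed or user was disabled -> log user out
            $this->logout();
            return;
        }
        $this->session->set('last_login_check', $now);
    }

    // Session is valid, so the token can be refreshed
    $this->updateToken($token);
}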