/** * Checks if the provided user is uniquely authenticated * @param zibo\library\security\model\User $user * @return boolean True If the authentication is unique, false otherwise */ protected function isUniqueAuthentication(User $user) { $string = $this->getAuthentificationString(); if (!$string) { return true; } if (strpos($string, ':') === false) { return false; } list($identifier, $token) = explode(':', $string); if (!(ctype_alnum($identifier) && ctype_alnum($token))) { return false; } $userToken = $user->getUserPreference(self::PREFERENCE_TOKEN); $userTimeout = $user->getUserPreference(self::PREFERENCE_TIMEOUT); $userIdentifier = $this->getIdentifier($user->getUserName()); $now = time(); if (!($userToken == $token && $userTimeout > $now && $userIdentifier == $identifier)) { return false; } return true; }