Exemplo n.º 1
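 /**
  * Exercises util_checkAuthentication() with three session states, driven
  * through $_SESSION['isAuthenticated']: flag absent, flag false, flag true.
  *
  * The flag is cleared before the first assertion and put back afterwards, so
  * the outcome does not depend on what an earlier test left in $_SESSION and
  * an "authenticated" session does not leak into tests that run later.
  */
 function testCheckAuthentication()
 {
     // Remember the ambient flag so it can be restored once the test is done.
     $hadFlag = isset($_SESSION) && is_array($_SESSION)
         && array_key_exists('isAuthenticated', $_SESSION);
     $savedFlag = $hadFlag ? $_SESSION['isAuthenticated'] : null;
     unset($_SESSION['isAuthenticated']);

     try {
         // A session with no flag at all must count as "not signed in".
         $this->assertFalse(util_checkAuthentication());

         $_SESSION['isAuthenticated'] = false;
         $this->assertFalse(util_checkAuthentication());

         $_SESSION['isAuthenticated'] = true;
         $this->assertTrue(util_checkAuthentication());

         // NOTE(review): only real booleans are covered. Values such as 1 or a
         // non-empty string are not asserted here; confirm how
         // util_checkAuthentication() treats them before relying on it.
     } finally {
         // Restore the original state even when an assertion throws.
         if ($hadFlag) {
             $_SESSION['isAuthenticated'] = $savedFlag;
         } else {
             unset($_SESSION['isAuthenticated']);
         }
     }
 }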
Exemplo n.º 2
    //			}
    //		}
} else {
    // SECTION: authenticated
    if ($_SESSION['fingerprint'] != $FINGERPRINT) {
        // TODO: add logging?
        util_redirectToAppHomeWithPrejudice();
    }
    if (isset($_REQUEST['submit_signout'])) {
        // SECTION: wants to log out
        util_wipeSession();
        util_redirectToAppHome();
        // NOTE: the above is the same as util_redirectToAppHomeWithPrejudice, but this code is easier to follow/read when the two parts are shown here
    }
}
// Resolve the acting user for this request: the signed-in account when the
// session is authenticated, otherwise the shared 'canonical_public' record.
$IS_AUTHENTICATED = util_checkAuthentication();
if (!$IS_AUTHENTICATED) {
    // SECTION: not signed in
    // NOTE(review): presumably 'canonical_public' is a low-privilege placeholder
    // account - confirm its permissions, since every anonymous visitor acts as it.
    $USER = User::getOneFromDb(
        ['username' => 'canonical_public'],
        $DB
    );
} else {
    // SECTION: is signed in
    // Build the user object from the username held in the session.
    // NOTE(review): assumes $_SESSION['userdata'] is written only after a
    // successful sign-in - verify where it is populated.
    $USER = new User([
        'username' => $_SESSION['userdata']['username'],
        'DB' => $DB,
    ]);

    // Load the stored record first, then pass the session user data to
    // updateDbFromAuth(); judging by the method name this syncs the DB record
    // with the auth data (this might belong in the User constructor).
    $USER->refreshFromDb();
    $USER->updateDbFromAuth($_SESSION['userdata']);
}