private function RegisterSession(Users $vo_User, $b_ReturnAuthTokenAsString = false)
{
// Log the login.
UserLoginLogDAO::save(new UserLoginLog(array('user_id' => $vo_User->user_id, 'ip' => ip2long($_SERVER['REMOTE_ADDR']))));
// Expire the local session cache.
self::$current_session = null;
//find if this user has older sessions
$vo_AuthT = new AuthTokens();
$vo_AuthT->setUserId($vo_User->getUserId());
//erase expired tokens
try {
$tokens_erased = AuthTokensDAO::expireAuthTokens($vo_User->getUserId());
} catch (Exception $e) {
// Best effort
self::$log->error("Failed to delete expired tokens: {$e->getMessage}()");
}
// Create the new token
$entropy = bin2hex(mcrypt_create_iv(SessionController::AUTH_TOKEN_ENTROPY_SIZE, MCRYPT_DEV_URANDOM));
$s_AuthT = $entropy . '-' . $vo_User->getUserId() . '-' . hash('sha256', OMEGAUP_MD5_SALT . $vo_User->getUserId() . $entropy);
$vo_AuthT = new AuthTokens();
$vo_AuthT->setUserId($vo_User->getUserId());
$vo_AuthT->setToken($s_AuthT);
try {
AuthTokensDAO::save($vo_AuthT);
} catch (Exception $e) {
throw new InvalidDatabaseOperationException($e);
}
if (self::$setCookieOnRegisterSession) {
$sm = $this->getSessionManagerInstance();
$sm->setCookie(OMEGAUP_AUTH_TOKEN_COOKIE_NAME, $s_AuthT, 0, '/');
}
Cache::deleteFromCache(Cache::SESSION_PREFIX, $s_AuthT);
if ($b_ReturnAuthTokenAsString) {
return $s_AuthT;
}
}
