/**
 * Decides whether this authentication method applies to the current request.
 *
 * Every check below must pass, in this order: the method is enabled, the
 * request carries a non-empty access token, an API key record exists for the
 * token id, the service recorded on that key is enabled, and the user the
 * token names exists and is active. The token's own is_valid() gives the
 * final verdict.
 *
 * @return boolean true when every check passes, false otherwise
 */
public function accept()
{
    // The authentication method itself has to be switched on.
    if (!self::is_enabled()) {
        return false;
    }

    $access_token = $this->get_access_token();
    if ($access_token->is_empty()) {
        return false;
    }

    // A key record must exist, and the service stored on it must be enabled.
    // The short-circuit keeps the service check from running on a missing record.
    $api_key = UserApiKeyManager::get_by_id($access_token->get_id());
    if (empty($api_key) || !self::is_service_enabled($api_key['api_service'])) {
        return false;
    }

    // The account named by the token must exist and be flagged active.
    $account = api_get_user_info($access_token->get_user_id());
    if (empty($account) || !$account['active']) {
        return false;
    }

    // Everything above only gates on ids; the token itself is verified last.
    return $access_token->is_valid();
}
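/**
 * Validate token against the database. Returns true if token is valid,
 * false otherwise.
 *
 * A token is valid when it is not empty, an API key record exists for its id,
 * the stored key and user id equal the token's, and the current time lies
 * inside the record's validity window.
 *
 * @return boolean
 * @assert () === false
 */
function is_valid()
{
    if ($this->is_empty()) {
        return false;
    }

    $key = UserApiKeyManager::get_by_id($this->id);
    if (empty($key)) {
        return false;
    }

    // The key is a secret: compare it as a string, never with `!=`. Loose
    // comparison treats numeric-looking strings as numbers, so two different
    // keys such as "0e12" and "0e34" would compare equal. hash_equals() also
    // keeps the comparison time independent of where the strings differ.
    $stored_key = (string) $key['api_key'];
    $given_key = (string) $this->key;
    $keys_match = function_exists('hash_equals')
        ? hash_equals($stored_key, $given_key)
        : $stored_key === $given_key; // fallback for PHP < 5.6
    if (!$keys_match) {
        return false;
    }

    // Exact string match, so values like "1e1" and "10" no longer compare equal.
    if ((string) $key['user_id'] !== (string) $this->user_id) {
        return false;
    }

    $time = time();
    // A missing start date means "valid from now"; a missing end date falls
    // back to a point 100000 seconds ahead, so it never expires the token.
    // NOTE(review): strtotime() returns false for a date it cannot parse and
    // that case is not handled separately here - confirm the stored format.
    $validity_start_date = $key['validity_start_date'] ? strtotime($key['validity_start_date']) : $time;
    $validity_end_date = $key['validity_end_date'] ? strtotime($key['validity_end_date']) : $time + 100000;

    return $validity_start_date <= $time && $time <= $validity_end_date;
}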