/**
* Authenticates this user and signs them in, if the API key or session is valid.
*
* @param sfActions $action
* @throws Exception if validation fails.
*/
public function authenticate()
{
//require SSL, if applicable
$this->assertSslApiRequest();
//authenticate via the API key, if provided
$api_key = $this->getHttpRequestHeader('Authorization', null);
if (!is_null($api_key)) {
if (preg_match('/\\s*Basic\\s+(.*?)\\s*$/im', $api_key, $regs)) {
$api_key = $regs[1];
$api_user = \ApiUserQuery::create()->filterByApiKey($api_key)->filterByActive(true)->findOne();
if (!$api_user) {
throw new \Exception('Unknown or inactive API user.');
}
if (0) {
$api_user = new \ApiUser();
}
$sf_guard_user = $api_user->getUser()->getsfGuardUser();
if ($sf_guard_user->getIsActive()) {
\sfContext::getInstance()->getUser()->signIn($sf_guard_user, false);
} else {
throw new \Exception('Unknown or inactive API user.');
}
} else {
throw new \Exception('API key format not recognized');
}
}
//try to authenticate via the session, if the api key was not provided
if (is_null($api_key)) {
$session_id = $this->getCookie(\sfConfig::get('altumo_api_session_cookie_name', 'my_session_name'), null);
if (!is_null($session_id)) {
$session = \SessionPeer::retrieveBySessionKey($session_id);
if (!$session) {
throw new \Exception('Invalid session.');
}
$user = $session->getUser();
if (!$user) {
throw new \Exception('Invalid session.');
}
if (!$user->hasApiUser()) {
throw new \Exception('Invalid session.');
}
$api_user = $user->getApiUser();
if (!$api_user->isActive()) {
throw new \Exception('Inactive API user.');
} else {
\sfContext::getInstance()->getUser()->signIn($user->getsfGuardUser(), false);
}
} else {
throw new \Exception('Please provide either a valid session or valid API key.');
}
}
//successful authentication
}
/**
* Gets the Session object associated to the session.
*
* @param mixed $session_key
* @return Session
*/
public function getSession()
{
$session = SessionPeer::retrieveBySessionKey($this->getSessionKey());
return $session;
}
