/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
$user = RpcClient_STD_Account::instance()->login($this->username, $this->password);
if (!$user && !isset($user['data'])) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if ($user['error']) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
if ($this->accessRoleId && (int) $user['data']['user']['user_role_id'] !== $this->accessRoleId) {
$this->errorCode = self::ERROR_ROLE_NO_ACCESS;
} else {
$this->id = $user['data']['user']['user_id'];
$this->setState('user', $user['data']['user']);
$this->setState('token', $user['data']['session']);
$this->errorCode = self::ERROR_NONE;
}
}
}
return $this->errorCode;
}
protected function beforeLogout()
{
$sid = $this->getState('sid');
RpcClient_STD_Account::instance()->logout(array('session' => $sid));
return true;
}
