示例#1
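 /**
  * Sign a user in with e-mail, password and company domain.
  *
  * Reads 'email', 'password' and 'domain' from $this->data, loads the matching
  * User and Company, and requires that the user belongs to that company and
  * that the password matches. On success it refreshes the user's activity
  * time, registers a new access key, sets the identifier and CSRF cookies plus
  * the session entry, and sets $this->result to true. On any failed check it
  * returns without setting $this->result, so every failure looks the same to
  * the caller.
  *
  * @return void
  */
 public function signIn()
 {
     // Request fields are untrusted: all three must be present and must be
     // strings before they reach the lookups and the password comparison.
     // Arrays, booleans or numbers from a decoded request body are rejected
     // here (how isPasswordEqual() compares is not visible from this method).
     if (!isset($this->data['email'], $this->data['password'], $this->data['domain'])) {
         return;
     }
     $mEmail = $this->data['email'];
     $mPassword = $this->data['password'];
     $mCompanyDomain = $this->data['domain'];
     if (!is_string($mEmail) || !is_string($mPassword) || !is_string($mCompanyDomain)) {
         return;
     }

     $user = new User($this->db);
     $user->allocateByEmail($mEmail);
     $mCompany = new Company($this->db);
     $mCompany->allocateByDomain($mCompanyDomain);

     // Company ids are compared as strings with a strict operator, so an
     // int/string mix from the database still matches but loose-comparison
     // type juggling cannot make two different ids equal.
     if (
         $user->isEmpty()
         || $mCompany->isEmpty()
         || (string) $mCompany->getId() !== (string) $user->getCompanyId()
         || !$user->isPasswordEqual($mPassword)
     ) {
         // NOTE(review): no failed-attempt logging or throttling happens here;
         // confirm that the caller handles it.
         return;
     }

     $user->updateRecentActivityTime();
     $key_manager = new KeyManager();
     // NOTE(review): generateKey() is defined elsewhere; the access key is a
     // bearer credential, so it should come from a CSPRNG. Confirm.
     $access_key = $this->generateKey();
     $key = $key_manager->createKey($user->getId(), $access_key);
     // NOTE(review): the CSRF token is SHA-1 of the session key plus a fixed
     // suffix, so it is fully determined by the identifier cookie and adds no
     // secret of its own. Left unchanged because the verifying side presumably
     // recomputes the same value; an independent random token or a keyed HMAC
     // would be the stronger design.
     $csrf_token = sha1($key . 'success');
     $user->addAccessKey($access_key);

     // Both cookies share one expiry, one year from now.
     $expires = time() + 365 * 24 * 3600;
     // NOTE(review): HTTP_HOST comes from the client's Host header and may
     // include a port; a configured canonical host is a safer cookie domain.
     $cookie_domain = $_SERVER['HTTP_HOST'];
     // NOTE(review): no Secure/HttpOnly/SameSite arguments are passed in these
     // calls; confirm that setCookie() applies them, at least HttpOnly and
     // Secure for the identifier cookie.
     $this->setCookie(CheckAuthorization::IDENTIFIER, $key, $expires, '/', $cookie_domain);
     $this->setCookie(CheckAuthorization::CSRF_TOKEN_NAME, $csrf_token, $expires, '/', $cookie_domain);
     // NOTE(review): if setSession() writes to the native PHP session, the
     // session id should be regenerated at this point to prevent fixation.
     // Confirm inside setSession().
     $this->setSession(CheckAuthorization::IDENTIFIER, $key);
     $this->result = true;
 }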