示例#1
0
文件: Auth.php 项目: spryker/Auth
 /**
  * This is based on sessions so the token will only be valid during a session lifetime
  *
  * @param string $token
  *
  * @return bool
  */
 protected function authorizeUserToken($token)
 {
     if ($this->userTokenIsValid($token) === false) {
         return false;
     }
     $currentUser = $this->getCurrentUser($token);
     try {
         $realUser = $this->userFacade->getActiveUserById($currentUser->getIdUser());
     } catch (UserNotFoundException $e) {
         return false;
     }
     return $realUser->getPassword() === $currentUser->getPassword();
 }