
public function TokenAuthentication::authenticate in RESTful 7.2

Authenticate the request by trying to match a user.

Parameters

RequestInterface $request: The request.

Return value

object The user object.

Overrides AuthenticationInterface::authenticate

File

modules/restful_token_auth/src/Plugin/authentication/TokenAuthentication.php, line 38
Contains \Drupal\restful_token_auth\Plugin\authentication\TokenAuthentication

Class

TokenAuthentication
Class TokenAuthentication @package Drupal\restful\Plugin\authentication

Namespace

Drupal\restful_token_auth\Plugin\authentication

Code

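/**
 * Authenticates the request by matching its access token to a user.
 *
 * The token is looked up as a 'restful_token_auth' entity of bundle
 * 'access_token'; entities of any other bundle are never matched here.
 * Expiry is not part of the query: it is checked after the entity is loaded.
 * A token whose 'expire' property is empty is treated as never expiring.
 *
 * @param RequestInterface $request
 *   The request.
 *
 * @return object|null|false
 *   The result of user_load() for the token's uid (a user object, or FALSE
 *   if that account cannot be loaded), or NULL when the request carries no
 *   token, the token is unknown, or the token has expired.
 */
public function authenticate(RequestInterface $request) {
  // Access token may be on the request, or in the headers.
  $token = $this->extractToken($request);

  // The token comes from request input. Accept only a non-empty string so
  // that a structured value (such as an array) cannot change the shape of
  // the lookup below; with no explicit operator, EntityFieldQuery turns an
  // array value into a multi-value match.
  if (!$token || !is_string($token)) {
    return NULL;
  }

  // Find the access token by exact value. Expiry is checked further down.
  // NOTE(review): the presented value is matched directly against the stored
  // 'token' property, so tokens appear to be stored unhashed. Confirm, and
  // treat that table as credential material.
  $query = new \EntityFieldQuery();
  $result = $query
    ->entityCondition('entity_type', 'restful_token_auth')
    ->entityCondition('bundle', 'access_token')
    ->propertyCondition('token', $token, '=')
    ->range(0, 1)
    ->execute();
  if (empty($result['restful_token_auth'])) {
    // No token exists.
    return NULL;
  }

  $id = key($result['restful_token_auth']);
  $auth_token = entity_load_single('restful_token_auth', $id);
  if (!$auth_token) {
    // The entity could not be loaded (for example, it was deleted between
    // the query and the load). Fail closed instead of reading properties
    // from a non-object.
    return NULL;
  }

  if (!empty($auth_token->expire) && $auth_token->expire < REQUEST_TIME) {
    // Token is expired. Deletion is optional and enabled by default.
    if (variable_get('restful_token_auth_delete_expired_tokens', TRUE)) {
      $auth_token->delete();
    }
    return NULL;
  }

  // NOTE(review): user_load() does not filter on account status, and this
  // method does not check it either. Confirm that the caller rejects blocked
  // accounts, otherwise a token issued before an account was blocked stays
  // usable until it expires.
  return user_load($auth_token->uid);
}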