/**
* Reset the current session information in case it does not match the
* authentication information anymore.
*
* @param string $user The user the session information is being requested
* for. This is usually empty, indicating the current
* user.
*
* @return boolean True if the session is still valid.
*/
public function validate($user = null)
{
$mail = $this->_session->getMail();
if ($this->_auth != $mail) {
$this->_session->purge();
return false;
}
if (empty($user)) {
return true;
}
if ($user != $mail && $user != $this->_session->getUid()) {
$this->_session->purge();
return false;
}
return true;
}