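/**
 * Resolve the user for the current request.
 *
 * The session entry `currentUser` is used first. When that user's
 * `lastActive` is more than 600 behind TIMESTAMP (presumably seconds), the
 * record is re-read through getUserByUserId() and the session user is dropped
 * if the record is gone or its stored password value differs. When the
 * session holds no user with a `uid`, the `uid`, `expire` and `token` cookies
 * are decoded and the token is checked against a value recomputed from the
 * stored record and COOKIE_KEY.
 *
 * The result (a user or null) is written back to `$_SESSION['currentUser']`.
 *
 * @return User|null
 */
public static function getCurrent()
{
    /** @var User|null $user */
    $user = isset($_SESSION['currentUser']) ? $_SESSION['currentUser'] : null;

    if ($user && TIMESTAMP - $user->lastActive > 600) {
        // Stale session: re-validate against the stored record.
        $userObj = self::getUserByUserId($user->uid);
        if (!$userObj) {
            $user = null;
        } elseif ((string) $user->password !== (string) $userObj->password) {
            // Password changed. Compared as strings with a strict operator:
            // a loose `!=` treats two different numeric-looking strings
            // (e.g. "0e1" and "0e2") as equal, which would keep the session alive.
            // NOTE(review): this branch reads `password` while the cookie token
            // below is built from `passwd` — confirm which property User defines.
            $user = null;
        } else {
            $userObj->lastActive = TIMESTAMP;
            $user = $userObj;
        }
    } elseif (!$user || !$user->uid) {
        // No authenticated session user: try the persistent-login cookies.
        // Cookies are client-controlled, so a missing or non-string value
        // (e.g. `uid[]=x`) is replaced by '' before it reaches base64_decode(),
        // which on PHP 8 raises a TypeError for an array argument.
        $fields = [];
        foreach (['uid', 'expire', 'token'] as $cookieName) {
            $raw = (isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName]))
                ? $_COOKIE[$cookieName]
                : '';
            $fields[$cookieName] = Encrypt::decode(base64_decode($raw), ENCRYPT_KEY);
        }
        $uid = $fields['uid'];
        $expire = $fields['expire'];
        $token = $fields['token'];

        if ($uid && $expire && $token) {
            $userObj = self::getUserByUserId($uid);
            if ($userObj) {
                // NOTE(review): $expire is bound into the token but is never
                // compared with TIMESTAMP in this method — confirm that expiry
                // is enforced somewhere, otherwise a cookie stays valid until
                // the password changes.
                // NOTE(review): md5(data . key) is a weak construction for an
                // authentication token; moving to hash_hmac() with a modern
                // hash needs a matching change where the cookie is issued.
                $validateToken = md5($userObj->uid . ":" . $userObj->email . ":" . $userObj->passwd . ":" . $expire . ":" . COOKIE_KEY);

                // hash_equals() instead of `==`: no numeric-string juggling
                // ("0e…" digests comparing equal) and a constant-time compare
                // of the attacker-supplied token.
                if (is_string($token) && hash_equals($validateToken, $token)) {
                    $userObj->lastActive = TIMESTAMP;
                    $user = $userObj;
                }
            }
        }
    }

    $_SESSION['currentUser'] = $user;
    return $user;
}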