/**
* Check if a user is authenticated for Atom editing
*
* @todo This entire function should be put into the User class somehow.
* @todo X-WSSE
* @param bool $force Force authorization? If so, basic HTTP_AUTH is displayed if not authed
* @return User The logged-in user
*/
function is_auth($force = false)
{
if ($this->user == null || $force != false) {
if (isset($_SERVER['PHP_AUTH_USER'])) {
User::authenticate($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
}
$this->user = User::identify();
if ($force != false && !$this->user->loggedin) {
header('HTTP/1.1 401 Unauthorized', true, 401);
header('Status: 401 Unauthorized');
header('WWW-Authenticate: Basic realm="Habari"');
die;
}
}
return $this->user->loggedin;
}