public function onAuthenticate($param)
{
$application = $this->getApplication();
// restoring user info from session
if (($session = $application->getSession()) === null) {
throw new TConfigurationException('authmanager_session_required');
}
$session->open();
$sessionInfo = $session->itemAt($this->getUserKey());
$user = $this->_userManager->getUser(null)->loadFromString($sessionInfo);
// check for authentication expiration
$isAuthExpired = $this->_authExpire > 0 && !$user->getIsGuest() && ($expiretime = $session->itemAt('AuthExpireTime')) && $expiretime < time();
// try authenticating through cookie if possible
if ($this->getAllowAutoLogin() && ($user->getIsGuest() || $isAuthExpired)) {
$cookie = $this->getRequest()->getCookies()->itemAt($this->getUserKey());
if ($cookie instanceof THttpCookie) {
if (($user2 = $this->_userManager->getUserFromCookie($cookie)) !== null) {
$user = $user2;
$this->updateSessionUser($user);
// user is restored from cookie, auth may not expire
$isAuthExpired = false;
}
}
}
$application->setUser($user);
// handle authentication expiration or update expiration time
if ($isAuthExpired) {
$this->onAuthExpire($param);
} else {
$session->add('AuthExpireTime', time() + $this->_authExpire);
}
// event handler gets a chance to do further auth work
if ($this->hasEventHandler('OnAuthenticate')) {
$this->raiseEvent('OnAuthenticate', $this, $application);
}
}