summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
Diffstat (limited to 'app')
-rw-r--r--app/Model/Authentication.php7
-rw-r--r--app/Model/User.php12
2 files changed, 19 insertions, 0 deletions
diff --git a/app/Model/Authentication.php b/app/Model/Authentication.php
index 92898cd5..86c1c43f 100644
--- a/app/Model/Authentication.php
+++ b/app/Model/Authentication.php
@@ -42,6 +42,13 @@ class Authentication extends Base
// If the user is already logged it's ok
if ($this->userSession->isLogged()) {
+ // Check if the user session match an existing user
+ if (! $this->user->exists($this->userSession->getId())) {
+ $this->backend('rememberMe')->destroy($this->userSession->getId());
+ $this->session->close();
+ return false;
+ }
+
// We update each time the RememberMe cookie tokens
if ($this->backend('rememberMe')->hasCookie()) {
$this->backend('rememberMe')->refresh();
diff --git a/app/Model/User.php b/app/Model/User.php
index 01be8597..7586f3c4 100644
--- a/app/Model/User.php
+++ b/app/Model/User.php
@@ -29,6 +29,18 @@ class User extends Base
const EVERYBODY_ID = -1;
/**
+ * Return true if the user exists
+ *
+ * @access public
+ * @param integer $user_id User id
+ * @return boolean
+ */
+ public function exists($user_id)
+ {
+ return $this->db->table(self::TABLE)->eq('id', $user_id)->count() === 1;
+ }
+
+ /**
* Get query to fetch all users
*
* @access public