From 7a8badd2ed9e84b7f56ba02130d57b5af7fde641 Mon Sep 17 00:00:00 2001
From: Marcin Kurczewski <mkurczew@gmail.com>
Date: Fri, 5 Sep 2014 09:37:53 +0200
Subject: [PATCH] Fixed logging in users that no longer exist

---
 src/Dao/TokenDao.php               | 5 +++++
 src/Services/AuthService.php       | 3 +++
 tests/Services/AuthServiceTest.php | 1 +
 3 files changed, 9 insertions(+)

diff --git a/src/Dao/TokenDao.php b/src/Dao/TokenDao.php
index fa1da838..dcef9f7e 100644
--- a/src/Dao/TokenDao.php
+++ b/src/Dao/TokenDao.php
@@ -18,4 +18,9 @@ class TokenDao extends AbstractDao
 	{
 		$this->collection->remove(['name' => $tokenName]);
 	}
+
+	public function deleteByAdditionalData($additionalData)
+	{
+		$this->collection->remove(['additionalData' => $additionalData]);
+	}
 }
diff --git a/src/Services/AuthService.php b/src/Services/AuthService.php
index f8a4b4f8..b2c1edf5 100644
--- a/src/Services/AuthService.php
+++ b/src/Services/AuthService.php
@@ -74,6 +74,8 @@ class AuthService
 
 		$this->loginToken = $loginToken;
 		$this->loggedInUser = $this->userDao->getById($loginToken->additionalData);
+		if (!$this->loggedInUser)
+			throw new \Exception('User was deleted.');
 		$this->updateLoginTime($this->loggedInUser);
 
 		if (!$this->loggedInUser)
@@ -133,6 +135,7 @@ class AuthService
 		$loginToken->name = hash('sha256', $user->name . '/' . microtime(true));
 		$loginToken->additionalData = $user->id;
 		$loginToken->purpose = \Szurubooru\Entities\Token::PURPOSE_LOGIN;
+		$this->tokenDao->deleteByAdditionalData($loginToken->additionalData);
 		$this->tokenDao->save($loginToken);
 		return $loginToken;
 	}
diff --git a/tests/Services/AuthServiceTest.php b/tests/Services/AuthServiceTest.php
index 461c78c0..70cad944 100644
--- a/tests/Services/AuthServiceTest.php
+++ b/tests/Services/AuthServiceTest.php
@@ -51,6 +51,7 @@ class AuthServiceTest extends \Szurubooru\Tests\AbstractTestCase
 		$testUser->name = 'dummy';
 		$testUser->passwordHash = 'hash';
 		$this->userDaoMock->expects($this->once())->method('getByName')->willReturn($testUser);
+		$this->tokenDaoMock->expects($this->once())->method('deleteByAdditionalData')->with($testUser->id);
 
 		$authService = $this->getAuthService();
 		$authService->loginFromCredentials('dummy', 'godzilla');