gistfile1.txt

	private function authenticate($username, $password = null, $valid = 86400)
	{
		// Get a database object
		$db	= JFactory::getDbo();
		
		$db->setQuery($db->getQuery(true)
			->select('id, password')
			->from('#__users')
			->where('username='.$db->q($username)));
		$result = $db->loadObject();
		
		// Look for any tokens for this user
		$db->setQuery($db->getQuery(true)
			->select('*')
			->from('#__rvs_user_tokens')
			->where('uid='.$db->q($result->id)));
		$obj = $db->loadObject();
		
		// If there is already a valid token, just return that, otherwise try to create one
		if($obj->valid > JDate::getInstance()->toUnix()) {
			return $obj->token;
		} else {
			$parts	= explode(':', $result->password);
			$crypt	= $parts[0];
			$salt	= @$parts[1];
			$testcrypt = JUserHelper::getCryptedPassword($password, $salt);
			if ($crypt == $testcrypt) {
				// Authentication successful, create a token and populate the table
				$obj = new stdClass;
				$obj->uid	= $result->id;
				$obj->token = md5(rand().$salt);
				$obj->valid = JDate::getInstance()->toUnix() + $valid;
				$db->setQuery($db->getQuery(true)
					->select('uid')
					->from('#__rvs_user_tokens')
					->where('uid='.$db->q($obj->uid)));
				if ($db->loadResult()) {
					$db->updateObject('#__rvs_user_tokens', $obj, 'uid');
				} else {
					$db->insertObject('#__rvs_user_tokens', $obj, 'uid');
				}
				return $obj->token;
			}
		}
		return null;
	}