From f9ad66037987d9435b5893c049f6047df0372ce9 Mon Sep 17 00:00:00 2001
From: Dmitrii Metelkin <dmitriim@catalyst-au.net>
Date: Sun, 17 Nov 2019 00:49:00 +1100
Subject: [PATCH] Add some comments

---
 auth.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/auth.php b/auth.php
index 024f902..3fdef74 100644
--- a/auth.php
+++ b/auth.php
@@ -134,11 +134,14 @@ class auth_plugin_userkey extends auth_plugin_base {
     /**
      * Logs a user in using userkey and redirects after.
      *
+     * @TODO: refactor this method to make it easy to read.
+     *
      * @throws \moodle_exception If something went wrong.
      */
     public function user_login_userkey() {
         global $SESSION, $CFG, $USER;
 
+
         $keyvalue = required_param('key', PARAM_ALPHANUM);
         $wantsurl = optional_param('wantsurl', '', PARAM_URL);
 
@@ -151,6 +154,7 @@ class auth_plugin_userkey extends auth_plugin_base {
         try {
             $key = $this->userkeymanager->validate_key($keyvalue);
         } catch (moodle_exception $exception) {
+            // If user is logged in and key is not valid, we'd like to logout a user.
             if (isloggedin()) {
                 require_logout();
             }
@@ -159,8 +163,10 @@ class auth_plugin_userkey extends auth_plugin_base {
 
         if (isloggedin()) {
             if ($USER->id != $key->userid) {
+                // Logout the current user if it's different to one that associated to the valid key.
                 require_logout();
             } else {
+                // Don't process further if the user is already logged in.
                 $this->userkeymanager->delete_keys($key->userid);
                 $this->redirect($redirecturl);
             }