Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 20 |
|
0.00% |
0 / 8 |
CRAP | |
0.00% |
0 / 1 |
| LoginTokenService | |
0.00% |
0 / 20 |
|
0.00% |
0 / 8 |
110 | |
0.00% |
0 / 1 |
| createEntity | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| createAndPersistToken | |
0.00% |
0 / 11 |
|
0.00% |
0 / 1 |
2 | |||
| matchToken | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| deleteBySeries | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| deleteByUser | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
6 | |||
| getByUser | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
6 | |||
| getBySeries | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| deleteExpired | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * Database service for login_token table. |
| 5 | * |
| 6 | * PHP version 8 |
| 7 | * |
| 8 | * Copyright (C) Villanova University 2024. |
| 9 | * |
| 10 | * This program is free software; you can redistribute it and/or modify |
| 11 | * it under the terms of the GNU General Public License version 2, |
| 12 | * as published by the Free Software Foundation. |
| 13 | * |
| 14 | * This program is distributed in the hope that it will be useful, |
| 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 17 | * GNU General Public License for more details. |
| 18 | * |
| 19 | * You should have received a copy of the GNU General Public License |
| 20 | * along with this program; if not, write to the Free Software |
| 21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
| 22 | * |
| 23 | * @category VuFind |
| 24 | * @package Database |
| 25 | * @author Demian Katz <demian.katz@villanova.edu> |
| 26 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
| 27 | * @link https://vufind.org/wiki/development:plugins:database_gateways Wiki |
| 28 | */ |
| 29 | |
| 30 | namespace VuFind\Db\Service; |
| 31 | |
| 32 | use DateTime; |
| 33 | use VuFind\Db\Entity\LoginTokenEntityInterface; |
| 34 | use VuFind\Db\Entity\UserEntityInterface; |
| 35 | use VuFind\Db\Table\DbTableAwareInterface; |
| 36 | use VuFind\Exception\LoginToken as LoginTokenException; |
| 37 | |
| 38 | use function is_int; |
| 39 | |
| 40 | /** |
| 41 | * Database service for login_token table. |
| 42 | * |
| 43 | * @category VuFind |
| 44 | * @package Database |
| 45 | * @author Demian Katz <demian.katz@villanova.edu> |
| 46 | * @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License |
| 47 | * @link https://vufind.org/wiki/development:plugins:database_gateways Wiki |
| 48 | */ |
| 49 | class LoginTokenService extends AbstractDbService implements |
| 50 | LoginTokenServiceInterface, |
| 51 | Feature\DeleteExpiredInterface, |
| 52 | DbTableAwareInterface |
| 53 | { |
| 54 | use \VuFind\Db\Table\DbTableAwareTrait; |
| 55 | |
| 56 | /** |
| 57 | * Create a new login token entity. |
| 58 | * |
| 59 | * @return LoginTokenEntityInterface |
| 60 | */ |
| 61 | public function createEntity(): LoginTokenEntityInterface |
| 62 | { |
| 63 | return $this->getDbTable('LoginToken')->createRow(); |
| 64 | } |
| 65 | |
| 66 | /** |
| 67 | * Create and persist a token. |
| 68 | * |
| 69 | * @param UserEntityInterface $user User identifier |
| 70 | * @param string $token Login token |
| 71 | * @param string $series Series the token belongs to |
| 72 | * @param string $browser User browser |
| 73 | * @param string $platform User platform |
| 74 | * @param int $expires Token expiration timestamp |
| 75 | * @param string $sessionId Session associated with the token |
| 76 | * |
| 77 | * @return LoginTokenEntityInterface |
| 78 | */ |
| 79 | public function createAndPersistToken( |
| 80 | UserEntityInterface $user, |
| 81 | string $token, |
| 82 | string $series, |
| 83 | string $browser = '', |
| 84 | string $platform = '', |
| 85 | int $expires = 0, |
| 86 | string $sessionId = '' |
| 87 | ): LoginTokenEntityInterface { |
| 88 | $row = $this->createEntity() |
| 89 | ->setToken(hash('sha256', $token)) |
| 90 | ->setSeries($series) |
| 91 | ->setUser($user) |
| 92 | ->setLastLogin(new DateTime()) |
| 93 | ->setBrowser($browser) |
| 94 | ->setPlatform($platform) |
| 95 | ->setExpires($expires) |
| 96 | ->setLastSessionId($sessionId); |
| 97 | $this->persistEntity($row); |
| 98 | return $row; |
| 99 | } |
| 100 | |
| 101 | /** |
| 102 | * Check if a login token matches one in database. |
| 103 | * |
| 104 | * @param array $token array containing user id, token and series |
| 105 | * |
| 106 | * @return ?LoginTokenEntityInterface |
| 107 | * @throws LoginTokenException |
| 108 | */ |
| 109 | public function matchToken(array $token): ?LoginTokenEntityInterface |
| 110 | { |
| 111 | return $this->getDbTable('LoginToken')->matchToken($token); |
| 112 | } |
| 113 | |
| 114 | /** |
| 115 | * Delete all tokens in a given series. |
| 116 | * |
| 117 | * @param string $series series |
| 118 | * @param ?int $currentTokenId Current token ID to keep |
| 119 | * |
| 120 | * @return void |
| 121 | */ |
| 122 | public function deleteBySeries(string $series, ?int $currentTokenId = null): void |
| 123 | { |
| 124 | $this->getDbTable('LoginToken')->deleteBySeries($series, $currentTokenId); |
| 125 | } |
| 126 | |
| 127 | /** |
| 128 | * Delete all tokens for a user. |
| 129 | * |
| 130 | * @param UserEntityInterface|int $userOrId User entity object or identifier |
| 131 | * |
| 132 | * @return void |
| 133 | */ |
| 134 | public function deleteByUser(UserEntityInterface|int $userOrId): void |
| 135 | { |
| 136 | $userId = is_int($userOrId) ? $userOrId : $userOrId->getId(); |
| 137 | $this->getDbTable('LoginToken')->deleteByUserId($userId); |
| 138 | } |
| 139 | |
| 140 | /** |
| 141 | * Get tokens for a given user. |
| 142 | * |
| 143 | * @param UserEntityInterface|int $userOrId User entity object or identifier |
| 144 | * @param bool $grouped Whether to return results grouped by series |
| 145 | * |
| 146 | * @return LoginTokenEntityInterface[] |
| 147 | */ |
| 148 | public function getByUser(UserEntityInterface|int $userOrId, bool $grouped = true): array |
| 149 | { |
| 150 | $userId = is_int($userOrId) ? $userOrId : $userOrId->getId(); |
| 151 | return $this->getDbTable('LoginToken')->getByUserId($userId, $grouped); |
| 152 | } |
| 153 | |
| 154 | /** |
| 155 | * Get token by series. |
| 156 | * |
| 157 | * @param string $series Series identifier |
| 158 | * |
| 159 | * @return LoginTokenEntityInterface[] |
| 160 | */ |
| 161 | public function getBySeries(string $series): array |
| 162 | { |
| 163 | return iterator_to_array($this->getDbTable('LoginToken')->getBySeries($series)); |
| 164 | } |
| 165 | |
| 166 | /** |
| 167 | * Delete expired records. Allows setting a limit so that rows can be deleted in small batches. |
| 168 | * |
| 169 | * @param DateTime $dateLimit Date threshold of an "expired" record. |
| 170 | * @param ?int $limit Maximum number of rows to delete or null for no limit. |
| 171 | * |
| 172 | * @return int Number of rows deleted |
| 173 | */ |
| 174 | public function deleteExpired(DateTime $dateLimit, ?int $limit = null): int |
| 175 | { |
| 176 | return $this->getDbTable('LoginToken')->deleteExpired($dateLimit->format('Y-m-d H:i:s'), $limit); |
| 177 | } |
| 178 | } |