Elgg  Version 5.1
UsersApiSessionsTable.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Database;
4 
5 use Elgg\Database;
6 use Elgg\Security\Crypto;
7 use Elgg\Traits\TimeUsing;
8 
15 class UsersApiSessionsTable {
16 
17  use TimeUsing;
18 
22  const TABLE_NAME = 'users_apisessions';
23 
24  protected Database $database;
25 
26  protected Crypto $crypto;
27 
34  public function __construct(Database $database, Crypto $crypto) {
35  $this->database = $database;
36  $this->crypto = $crypto;
37  }
38 
47  public function createToken(int $user_guid, int $expires = 60): string|false {
48  $token = $this->crypto->getRandomString(32, Crypto::CHARS_HEX);
49  $expires = $this->getCurrentTime("+{$expires} minutes");
50 
51  $insert = Insert::intoTable(self::TABLE_NAME);
52  $insert->values([
53  'user_guid' => $insert->param($user_guid, ELGG_VALUE_GUID),
54  'token' => $insert->param($token, ELGG_VALUE_STRING),
55  'expires' => $insert->param($expires->getTimestamp(), ELGG_VALUE_TIMESTAMP),
56  ]);
57 
58  return $this->database->insertData($insert) ? $token : false;
59  }
60 
68  public function getUserTokens(int $user_guid) {
69  $select = Select::fromTable(self::TABLE_NAME);
70  $select->select('*')
71  ->where($select->compare('user_guid', '=', $user_guid, ELGG_VALUE_GUID));
72 
73  return $this->database->getData($select);
74  }
75 
83  public function validateToken(string $token): int|false {
84  $select = Select::fromTable(self::TABLE_NAME);
85  $select->select('*')
86  ->where($select->compare('token', '=', $token, ELGG_VALUE_STRING))
87  ->andWhere($select->compare('expires', '>', $this->getCurrentTime()->getTimestamp(), ELGG_VALUE_TIMESTAMP));
88 
89  $row = $this->database->getDataRow($select);
90 
91  return $row ? (int) $row->user_guid : false;
92  }
93 
101  public function removeToken(string $token) {
102  $delete = Delete::fromTable(self::TABLE_NAME);
103  $delete->where($delete->compare('token', '=', $token, ELGG_VALUE_STRING));
104 
105  return (bool) $this->database->deleteData($delete);
106  }
107 
113  public function removeExpiresTokens() {
114  $delete = Delete::fromTable(self::TABLE_NAME);
115  $delete->where($delete->compare('expires', '<', $this->getCurrentTime()->getTimestamp(), ELGG_VALUE_TIMESTAMP));
116 
117  return $this->database->deleteData($delete);
118  }
119 }
$user_guid
$user_guid
Definition: login_as.php:10
Elgg\Security\Crypto
Cryptographic services.
Definition: Crypto.php:12
Elgg\Database
The Elgg database.
Definition: Database.php:25
ELGG_VALUE_GUID
const ELGG_VALUE_GUID
Definition: constants.php:113
$delete
$delete
Definition: admin_notice.php:13
Elgg\Database\UsersApiSessionsTable
Manage the contents of the users_apisessions table.
Definition: UsersApiSessionsTable.php:15
Elgg\Traits\TimeUsing
trait TimeUsing
Adds methods for setting the current time (for testing)
Definition: TimeUsing.php:10
Elgg\Traits\getCurrentTime
getCurrentTime($modifier= '')
Get the (cloned) time.
Definition: TimeUsing.php:25
Elgg\Database\Insert\intoTable
static intoTable($table)
{}
Definition: Insert.php:13
Elgg\Database\UsersApiSessionsTable\createToken
createToken(int $user_guid, int $expires=60)
Obtain a token for a user.
Definition: UsersApiSessionsTable.php:47
Elgg\Database\UsersApiSessionsTable\removeExpiresTokens
removeExpiresTokens()
Remove expired tokens.
Definition: UsersApiSessionsTable.php:113
Elgg\Database\UsersApiSessionsTable\getUserTokens
getUserTokens(int $user_guid)
Get all tokens attached to a user.
Definition: UsersApiSessionsTable.php:68
$expires
$expires
Definition: security_txt.php:19
$token
$token
Definition: securitytoken.php:9
ELGG_VALUE_TIMESTAMP
const ELGG_VALUE_TIMESTAMP
Definition: constants.php:115
Elgg\Database\Select\fromTable
static fromTable($table, $alias=null)
{}
Definition: Select.php:13
Elgg\Database\UsersApiSessionsTable\__construct
__construct(Database $database, Crypto $crypto)
Create a new table handler.
Definition: UsersApiSessionsTable.php:34
ELGG_VALUE_STRING
const ELGG_VALUE_STRING
Definition: constants.php:112
Elgg\Database\UsersApiSessionsTable\removeToken
removeToken(string $token)
Remove user token.
Definition: UsersApiSessionsTable.php:101
Elgg\Database\UsersApiSessionsTable\validateToken
validateToken(string $token)
Validate that a given token is still valid.
Definition: UsersApiSessionsTable.php:83
Elgg\Database\Delete\fromTable
static fromTable($table, $alias=null)
{}
Definition: Delete.php:13
Generated on Fri Dec 1 2023 00:00:17 for Elgg by   doxygen 1.8.11