Elgg  Version 4.3
UsersApiSessionsTable.php
1 <?php
2 
3 namespace Elgg\Database;
4 
5 use Elgg\Database;
8 
16 
17  use TimeUsing;
18 
22  protected $database;
23 
27  protected $crypto;
28 
32  protected $table = 'users_apisessions';
33 
41  $this->database = $database;
42  $this->crypto = $crypto;
43  }
44 
/**
 * Issue a new API session token for a user and persist it.
 *
 * The token is a 32-character string drawn from the hex alphabet by the
 * crypto service and acts as a bearer credential: validateToken() accepts
 * anyone who presents it before it expires.
 *
 * Security notes for maintainers:
 * - The token is written to the table exactly as generated (no hashing),
 *   so read access to this table yields usable credentials until expiry.
 * - NOTE(review): 32 hex characters is 128 bits only if getRandomString()
 *   draws uniformly from a CSPRNG; confirm in Crypto.
 * - NOTE(review): $expires is not range-checked here; a zero or negative
 *   value is passed straight into the time modifier. Confirm callers only
 *   pass positive lifetimes.
 *
 * @param int $user_guid GUID of the user the token is issued to
 * @param int $expires   Token lifetime in minutes, counted from the current time
 *
 * @return string|false The new token, or false when insertData() reports a falsy result
 */
public function createToken(int $user_guid, int $expires = 60) {
	$secret = $this->crypto->getRandomString(32, Crypto::CHARS_HEX);
	$expiry = $this->getCurrentTime("+{$expires} minutes");

	$query = Insert::intoTable($this->table);
	$columns = [
		'user_guid' => $query->param($user_guid, ELGG_VALUE_GUID),
		'token' => $query->param($secret, ELGG_VALUE_STRING),
		'expires' => $query->param($expiry->getTimestamp(), ELGG_VALUE_TIMESTAMP),
	];
	$query->values($columns);

	// Only hand the token to the caller once it has been stored.
	$stored = $this->database->insertData($query);

	return $stored ? $secret : false;
}
70 
/**
 * Fetch every session row stored for a user.
 *
 * The query selects all columns, so each returned row carries the token
 * value itself. Treat the result as secret material: keep it out of logs
 * and rendered output. There is no expiry filter here, so rows that have
 * already expired are returned as well.
 *
 * @param int $user_guid GUID of the user whose tokens are requested
 *
 * @return mixed Whatever Database::getData() returns for the select
 */
public function getUserTokens(int $user_guid) {
	$query = Select::fromTable($this->table);
	$owned_by_user = $query->compare('user_guid', '=', $user_guid, ELGG_VALUE_GUID);

	$query->select('*')->where($owned_by_user);

	return $this->database->getData($query);
}
85 
/**
 * Resolve a presented token to the GUID of the user it was issued to.
 *
 * A token is accepted only when a row matches it exactly and that row's
 * 'expires' timestamp is strictly greater than the current time. Both
 * values are bound as query parameters rather than interpolated.
 *
 * The token is the only input checked here; nothing in this method binds
 * it to a client, so callers that need more must add it themselves.
 * Callers should compare the result with `=== false` rather than relying
 * on truthiness.
 *
 * @param string $token Token as presented by the client
 *
 * @return int|false GUID of the token owner, or false when no unexpired row matches
 */
public function validateToken(string $token) {
	$query = Select::fromTable($this->table);

	$token_matches = $query->compare('token', '=', $token, ELGG_VALUE_STRING);
	$now = $this->getCurrentTime()->getTimestamp();
	$not_expired = $query->compare('expires', '>', $now, ELGG_VALUE_TIMESTAMP);

	$query->select('*')
		->where($token_matches)
		->andWhere($not_expired);

	$session = $this->database->getDataRow($query);

	return empty($session) ? false : (int) $session->user_guid;
}
106 
/**
 * Revoke a single token by deleting its row.
 *
 * The delete is keyed on the token value alone (bound as a parameter),
 * so whoever holds the token can revoke it; no user GUID is checked here.
 *
 * @param string $token Token to revoke
 *
 * @return bool Result of Database::deleteData() cast to bool
 */
public function removeToken(string $token) {
	$query = Delete::fromTable($this->table);
	$token_matches = $query->compare('token', '=', $token, ELGG_VALUE_STRING);
	$query->where($token_matches);

	$outcome = $this->database->deleteData($query);

	return (bool) $outcome;
}
120 
/**
 * Purge session rows whose expiry lies in the past.
 *
 * Rows are deleted when 'expires' is strictly less than the current
 * timestamp. validateToken() requires 'expires' to be strictly greater
 * than the current time, so a row expiring exactly now is already
 * rejected there but is only removed by a later run of this method.
 *
 * Expired rows still hold their token values until this runs, so it
 * should be scheduled regularly to limit how long they stay in the table.
 *
 * @return mixed Whatever Database::deleteData() returns for the delete
 */
public function removeExpiresTokens() {
	$now = $this->getCurrentTime()->getTimestamp();

	$query = Delete::fromTable($this->table);
	$already_expired = $query->compare('expires', '<', $now, ELGG_VALUE_TIMESTAMP);
	$query->where($already_expired);

	return $this->database->deleteData($query);
}
132 }
$user_guid
Definition: login_as.php:10
Cryptographic services.
Definition: Crypto.php:12
The Elgg database.
Definition: Database.php:25
const ELGG_VALUE_GUID
Definition: constants.php:128
$delete
Manage the contents of the users_apisessions table.
trait TimeUsing
Adds methods for setting the current time (for testing)
Definition: TimeUsing.php:10
getCurrentTime($modifier= '')
Get the (cloned) time.
Definition: TimeUsing.php:25
static intoTable($table)
{}
Definition: Insert.php:13
createToken(int $user_guid, int $expires=60)
Obtain a token for a user.
removeExpiresTokens()
Remove expired tokens.
getUserTokens(int $user_guid)
Get all tokens attached to a user.
$token
const ELGG_VALUE_TIMESTAMP
Definition: constants.php:130
static fromTable($table, $alias=null)
{}
Definition: Select.php:13
__construct(Database $database, Crypto $crypto)
Create a new table handler.
const ELGG_VALUE_STRING
Definition: constants.php:127
removeToken(string $token)
Remove user token.
validateToken(string $token)
Validate that a given token is still valid.
static fromTable($table, $alias=null)
{}
Definition: Delete.php:13