Elgg  Version master
UsersApiSessionsTable.php
1 <?php
2 
3 namespace Elgg\Database;
4 
5 use Elgg\Database;
8 
16 
17  use TimeUsing;
18 
/**
 * @var string name of the database table that holds the API session tokens
 */
public const TABLE_NAME = 'users_apisessions';
23 
/**
 * Create a new table handler.
 *
 * @param Database $database database service used to run the insert/select/delete queries
 * @param Crypto   $crypto   service that supplies the random token strings
 */
public function __construct(
	protected Database $database,
	protected Crypto $crypto,
) {
}
32 
/**
 * Obtain a token for a user.
 *
 * The token is a 32-character hexadecimal string requested from the Crypto
 * service. It is written to the table exactly as it is handed back to the caller.
 *
 * NOTE(review): the stored value is the usable token itself, so anyone who can
 * read this table (database dump, backup, read-only SQL access) obtains every
 * unexpired session. Storing only a digest of the token would limit that, but it
 * requires a matching change in the lookup and removal methods.
 *
 * NOTE(review): $expires is not range-checked here; zero or negative values go
 * straight into the relative time string. Confirm that callers validate it.
 *
 * @param int $user_guid GUID of the user the token is issued to
 * @param int $expires   lifetime of the token in minutes
 *
 * @return string|false the new token, or false when the insert reported no success
 */
public function createToken(int $user_guid, int $expires = 60): string|false {
	$new_token = $this->crypto->getRandomString(32, Crypto::CHARS_HEX);
	$expiry_ts = $this->getCurrentTime("+{$expires} minutes")->getTimestamp();

	// All three values are bound as typed query parameters, never concatenated into SQL.
	$query = Insert::intoTable(self::TABLE_NAME);
	$query->values([
		'user_guid' => $query->param($user_guid, ELGG_VALUE_GUID),
		'token' => $query->param($new_token, ELGG_VALUE_STRING),
		'expires' => $query->param($expiry_ts, ELGG_VALUE_TIMESTAMP),
	]);

	if (!$this->database->insertData($query)) {
		return false;
	}

	return $new_token;
}
54 
/**
 * Get all tokens attached to a user.
 *
 * Selects every column of every row for the user and applies no expiry filter,
 * so the result can include tokens that are already expired.
 *
 * NOTE(review): the rows carry the token values themselves. Treat the result as
 * a secret and keep it out of logs and API responses.
 *
 * @param int $user_guid GUID of the user whose tokens are requested
 *
 * @return mixed whatever Database::getData() returns for the query (presumably a list of row objects)
 */
public function getUserTokens(int $user_guid) {
	$query = Select::fromTable(self::TABLE_NAME);
	$query->select('*')->where(
		$query->compare('user_guid', '=', $user_guid, ELGG_VALUE_GUID)
	);

	$rows = $this->database->getData($query);

	return $rows;
}
69 
/**
 * Validate that a given token is still valid.
 *
 * A token is accepted only when a row with that token exists and its expiry
 * timestamp is strictly greater than the current time. Expired rows are not
 * deleted here.
 *
 * NOTE(review): the match is a plain SQL equality, so case and trailing-space
 * handling follow the collation of the token column. Confirm against the schema
 * that only an exact match can succeed.
 *
 * @param string $token token presented by the client
 *
 * @return int|false GUID of the user the token belongs to, or false when no unexpired row matches
 */
public function validateToken(string $token): int|false {
	$query = Select::fromTable(self::TABLE_NAME);
	$query->select('*')
		->where($query->compare('token', '=', $token, ELGG_VALUE_STRING));

	// Expiry is enforced in the query itself; a row with expires == now is already rejected.
	$now = $this->getCurrentTime()->getTimestamp();
	$query->andWhere($query->compare('expires', '>', $now, ELGG_VALUE_TIMESTAMP));

	$match = $this->database->getDataRow($query);
	if (!$match) {
		return false;
	}

	return (int) $match->user_guid;
}
87 
/**
 * Remove user token.
 *
 * Deletes by token value only; the owning user is not part of the condition.
 *
 * @param string $token token to revoke
 *
 * @return bool boolean cast of the Database::deleteData() result (presumably true when a row was deleted)
 */
public function removeToken(string $token) {
	$query = Delete::fromTable(self::TABLE_NAME);
	$query->where($query->compare('token', '=', $token, ELGG_VALUE_STRING));

	$outcome = $this->database->deleteData($query);

	return (bool) $outcome;
}
101 
/**
 * Remove expired tokens.
 *
 * Deletes rows whose expiry timestamp is strictly less than the current time.
 * Validation requires expiry to be strictly greater than now, so a row with
 * expires == now is already unusable but is only removed by a later run.
 *
 * @return mixed the unmodified result of Database::deleteData() (presumably the number of deleted rows)
 */
public function removeExpiresTokens() {
	$cutoff = $this->getCurrentTime()->getTimestamp();

	$query = Delete::fromTable(self::TABLE_NAME);
	$query->where($query->compare('expires', '<', $cutoff, ELGG_VALUE_TIMESTAMP));

	return $this->database->deleteData($query);
}
113 }
$user_guid
Definition: login_as.php:10
Cryptographic services.
Definition: Crypto.php:12
The Elgg database.
Definition: Database.php:26
const ELGG_VALUE_GUID
Definition: constants.php:113
$delete
Manage the contents of the users_apisessions table.
trait TimeUsing
Adds methods for setting the current time (for testing)
Definition: TimeUsing.php:10
static intoTable(string $table)
Returns a QueryBuilder for inserting data in a given table.
Definition: Insert.php:17
getCurrentTime($modifier= '')
Get the (cloned) time.
Definition: TimeUsing.php:25
createToken(int $user_guid, int $expires=60)
Obtain a token for a user.
removeExpiresTokens()
Remove expired tokens.
getUserTokens(int $user_guid)
Get all tokens attached to a user.
static fromTable(string $table)
Returns a QueryBuilder for deleting data from a given table.
Definition: Delete.php:17
$expires
$token
const ELGG_VALUE_TIMESTAMP
Definition: constants.php:115
const ELGG_VALUE_STRING
Definition: constants.php:112
removeToken(string $token)
Remove user token.
static fromTable(string $table, string $alias=null)
Returns a QueryBuilder for selecting data from a given table.
Definition: Select.php:18
__construct(protected Database $database, protected Crypto $crypto)
Create a new table handler.
validateToken(string $token)
Validate that a given token is still valid.