Elgg  Version master
UsersApiSessionsTable.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Database;
4 
5 use Elgg\Database;
6 use Elgg\Security\Crypto;
7 use Elgg\Traits\TimeUsing;
8 
15 class UsersApiSessionsTable {
16 
17  use TimeUsing;
18 
22  public const TABLE_NAME = 'users_apisessions';
23 
30  public function __construct(protected Database $database, protected Crypto $crypto) {
31  }
32 
41  public function createToken(int $user_guid, int $expires = 60): string|false {
42  $token = $this->crypto->getRandomString(32, Crypto::CHARS_HEX);
43  $expires = $this->getCurrentTime("+{$expires} minutes");
44 
45  $insert = Insert::intoTable(self::TABLE_NAME);
46  $insert->values([
47  'user_guid' => $insert->param($user_guid, ELGG_VALUE_GUID),
48  'token' => $insert->param($token, ELGG_VALUE_STRING),
49  'expires' => $insert->param($expires->getTimestamp(), ELGG_VALUE_TIMESTAMP),
50  ]);
51 
52  return $this->database->insertData($insert) ? $token : false;
53  }
54 
62  public function getUserTokens(int $user_guid) {
63  $select = Select::fromTable(self::TABLE_NAME);
64  $select->select('*')
65  ->where($select->compare('user_guid', '=', $user_guid, ELGG_VALUE_GUID));
66 
67  return $this->database->getData($select);
68  }
69 
77  public function validateToken(string $token): int|false {
78  $select = Select::fromTable(self::TABLE_NAME);
79  $select->select('*')
80  ->where($select->compare('token', '=', $token, ELGG_VALUE_STRING))
81  ->andWhere($select->compare('expires', '>', $this->getCurrentTime()->getTimestamp(), ELGG_VALUE_TIMESTAMP));
82 
83  $row = $this->database->getDataRow($select);
84 
85  return $row ? (int) $row->user_guid : false;
86  }
87 
95  public function removeToken(string $token) {
96  $delete = Delete::fromTable(self::TABLE_NAME);
97  $delete->where($delete->compare('token', '=', $token, ELGG_VALUE_STRING));
98 
99  return (bool) $this->database->deleteData($delete);
100  }
101 
107  public function removeExpiresTokens() {
108  $delete = Delete::fromTable(self::TABLE_NAME);
109  $delete->where($delete->compare('expires', '<', $this->getCurrentTime()->getTimestamp(), ELGG_VALUE_TIMESTAMP));
110 
111  return $this->database->deleteData($delete);
112  }
113 }
$user_guid
$user_guid
Definition: login_as.php:10
Elgg\Security\Crypto
Cryptographic services.
Definition: Crypto.php:12
Elgg\Database
The Elgg database.
Definition: Database.php:26
ELGG_VALUE_GUID
const ELGG_VALUE_GUID
Definition: constants.php:113
$delete
$delete
Definition: admin_notice.php:13
Elgg\Database\UsersApiSessionsTable
Manage the contents of the users_apisessions table.
Definition: UsersApiSessionsTable.php:15
Elgg\Traits\TimeUsing
trait TimeUsing
Adds methods for setting the current time (for testing)
Definition: TimeUsing.php:10
Elgg\Database\Insert\intoTable
static intoTable(string $table)
Returns a QueryBuilder for inserting data in a given table.
Definition: Insert.php:17
Elgg\Traits\getCurrentTime
getCurrentTime($modifier= '')
Get the (cloned) time.
Definition: TimeUsing.php:25
Elgg\Database\UsersApiSessionsTable\createToken
createToken(int $user_guid, int $expires=60)
Obtain a token for a user.
Definition: UsersApiSessionsTable.php:41
Elgg\Database\UsersApiSessionsTable\removeExpiresTokens
removeExpiresTokens()
Remove expired tokens.
Definition: UsersApiSessionsTable.php:107
Elgg\Database\UsersApiSessionsTable\getUserTokens
getUserTokens(int $user_guid)
Get all tokens attached to a user.
Definition: UsersApiSessionsTable.php:62
Elgg\Database\Delete\fromTable
static fromTable(string $table)
Returns a QueryBuilder for deleting data from a given table.
Definition: Delete.php:17
$expires
$expires
Definition: security_txt.php:19
$token
$token
Definition: securitytoken.php:9
ELGG_VALUE_TIMESTAMP
const ELGG_VALUE_TIMESTAMP
Definition: constants.php:115
ELGG_VALUE_STRING
const ELGG_VALUE_STRING
Definition: constants.php:112
Elgg\Database\UsersApiSessionsTable\removeToken
removeToken(string $token)
Remove user token.
Definition: UsersApiSessionsTable.php:95
Elgg\Database\Select\fromTable
static fromTable(string $table,?string $alias=null)
Returns a QueryBuilder for selecting data from a given table.
Definition: Select.php:18
Elgg\Database\UsersApiSessionsTable\__construct
__construct(protected Database $database, protected Crypto $crypto)
Create a new table handler.
Definition: UsersApiSessionsTable.php:30
Elgg\Database\UsersApiSessionsTable\validateToken
validateToken(string $token)
Validate that a given token is still valid.
Definition: UsersApiSessionsTable.php:77
Generated on Tue Aug 5 2025 00:02:12 for Elgg by   doxygen 1.8.11