16254939635

Committed 14 Jul 2025 12:11AM UTC coverage: 82.303% (-0.05%) from 82.353%

Build # 16254939635

Build Type

Pull #52

github

Committed by

web-flow

Commit Message

Merge 6744005d0 into 883e6ad8e

Pull Request Pull Request #52: Re-enabled linter

Coverage Stats

42 of 50 new or added lines in 9 files covered. (84.0%)

293 of 356 relevant lines covered (82.3%)

9.92 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

38.71

/src/Auth/SqlTokenService.php

<?php

declare(strict_types=1);

namespace App\Auth;

use PDO;

/**
 * Defines the token service backed by SQL
 */
final class SqlTokenService implements ITokenService
{
    /** @var int The length of generated tokens */
    private const int TOKEN_LENGTH = 32;

    /**
     * @param PDO $pdo The PDO instance to use to connect to the database
     */
    public function __construct(private readonly PDO $pdo) {}

    /**
     * @inheritdoc
     */
    public function createToken(int $userId, int $ttlSeconds): string
    {
        $token = \bin2hex(\random_bytes(self::TOKEN_LENGTH));
        $statement = $this->pdo->prepare(
            <<<SQL
INSERT INTO auth_tokens (user_id, hashed_token, expiration) VALUES (:userId, :hashedToken, :expiration)
SQL,
        );
        $statement->execute([
            'userId' => $userId,
            'hashedToken' => self::hashToken($token),
            'expiration' => \time() + $ttlSeconds,
        ]);

        return $token;
    }

    /**
     * @inheritdoc
     */
    public function expireToken(int $userId, string $token): void
    {
        $statement = $this->pdo->prepare(
            <<<SQL
UPDATE auth_tokens SET expiration = :expiration WHERE user_id = :userId AND hashed_token = :hashedToken
SQL,
        );
        $statement->execute([
            'expiration' => 0,
            'userId' => $userId,
            'hashToken' => self::hashToken($token),
        ]);
    }

    /**
     * @inheridoc
     */
    public function validateToken(int $userId, string $token): bool
    {
        $statement = $this->pdo->prepare(
            <<<SQL
SELECT * FROM auth_tokens WHERE user_id = :userId AND hashed_token = :hashedToken AND expiration > :time
SQL,
        );
        $statement->execute([
            'userId' => $userId,
            'hashedToken' => self::hashToken($token),
            'time' => \time(),
        ]);

        return \count($statement->fetchAll()) === 1;
    }

    /**
     * Hashes a token for storage
     *
     * @param string $token The token to hash
     * @return string The hashed token
     */
    private static function hashToken(string $token): string
    {
        return \hash('sha256', $token);
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	namespace App\Auth;
6
7	use PDO;
8
9	/**
10	* Defines the token service backed by SQL
11	*/
12	final class SqlTokenService implements ITokenService
13	{
14	/** @var int The length of generated tokens */
15	private const int TOKEN_LENGTH = 32;
16
17	/**
18	* @param PDO $pdo The PDO instance to use to connect to the database
19	*/
20	public function __construct(private readonly PDO $pdo) {}
21
22	/**
23	* @inheritdoc
24	*/
25	public function createToken(int $userId, int $ttlSeconds): string
26	{
27	$token = \bin2hex(\random_bytes(self::TOKEN_LENGTH));	2✔
28	$statement = $this->pdo->prepare(	2✔
29	<<<SQL	2✔
30	INSERT INTO auth_tokens (user_id, hashed_token, expiration) VALUES (:userId, :hashedToken, :expiration)
31	SQL,	2✔
32	);	2✔
33	$statement->execute([	2✔
34	'userId' => $userId,	2✔
35	'hashedToken' => self::hashToken($token),	2✔
36	'expiration' => \time() + $ttlSeconds,	2✔
37	]);	2✔
38
39	return $token;	2✔
40	}
41
42	/**
43	* @inheritdoc
44	*/
45	public function expireToken(int $userId, string $token): void
46	{
47	$statement = $this->pdo->prepare(	×
48	<<<SQL	×
49	UPDATE auth_tokens SET expiration = :expiration WHERE user_id = :userId AND hashed_token = :hashedToken
NEW 50	SQL,	×
51	);	×
52	$statement->execute([	×
53	'expiration' => 0,	×
54	'userId' => $userId,	×
NEW 55	'hashToken' => self::hashToken($token),	×
56	]);	×
57	}
58
59	/**
60	* @inheridoc
61	*/
62	public function validateToken(int $userId, string $token): bool
63	{
64	$statement = $this->pdo->prepare(	×
65	<<<SQL	×
66	SELECT * FROM auth_tokens WHERE user_id = :userId AND hashed_token = :hashedToken AND expiration > :time
NEW 67	SQL,	×
68	);	×
69	$statement->execute([	×
70	'userId' => $userId,	×
71	'hashedToken' => self::hashToken($token),	×
NEW 72	'time' => \time(),	×
73	]);	×
74
75	return \count($statement->fetchAll()) === 1;	×
76	}
77
78	/**
79	* Hashes a token for storage
80	*
81	* @param string $token The token to hash
82	* @return string The hashed token
83	*/
84	private static function hashToken(string $token): string
85	{
86	return \hash('sha256', $token);	2✔
87	}
88	}

aphiria / app / 16254939635

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous