22520725744

Committed 27 Feb 2026 09:30PM UTC coverage: 65.761% (-1.1%) from 66.864%

Build # 22520725744

Build Type

push

github

Committed by

daycry

Commit Message

Add StatelessAuthenticator and refactor token handling

Introduce StatelessAuthenticator as a shared base for JWT/AccessToken and centralize token extraction (getTokenFromRequest). Refactor JWT and AccessToken to extend it and simplify header/query parsing. Add Utils::generateNumericCode and use it in Email2FA/EmailActivator to replace duplicated generators. Centralize model() calls in traits (HasAccessTokens, HasDeviceSessions, HasTotp) via small private getters. Improve filters and error handling: add buildDeniedResponse in AbstractAuthFilter, adjust Group/Permission filters to return ResponseInterface and reuse the builder. Replace static authorization flags with instance properties in AuthenticationException/AuthorizationException and update ExceptionHandler to read them safely. Misc: small controller/type fixes, email helper guard, DeviceSessionModel null handling, active-group/permission query fixes, phpstan baseline updates, and adjust tests to expect 403 for denied JSON responses.

Run Details

56 of 68 new or added lines in 19 files covered. (82.35%)

115 existing lines in 7 files now uncovered.

2614 of 3975 relevant lines covered (65.76%)

42.9 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/Entities/AccessToken.php

<?php

declare(strict_types=1);

/**
 * This file is part of Daycry Auth.
 *
 * (c) Daycry <daycry9@proton.me>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Daycry\Auth\Entities;

use CodeIgniter\I18n\Time;

/**
 * Class AccessToken
 *
 * Represents a single Personal Access Token, used
 * for authenticating users for an API.
 *
 * @property string|Time|null $last_used_at
 */
class AccessToken extends UserIdentity
{
    /**
     * @var array<string, string>
     */
    protected $casts = [
        'extra' => 'serialized',
    ];

    /**
     * @var array<string, string>
     */
    protected $datamap = [
        'scopes' => 'extra',
    ];

    /**
     * Determines whether this token grants
     * permission to the $scope
     */
    public function can(string $scope): bool
    {
        if ($this->extra === []) {
            return false;
        }

        // Wildcard present
        if (in_array('*', $this->extra, true)) {
            return true;
        }

        // Check stored scopes
        return in_array($scope, $this->extra, true);
    }

    /**
     * Determines whether this token does NOT
     * grant permission to $scope.
     */
    public function cant(string $scope): bool
    {
        return ! $this->can($scope);
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of Daycry Auth.
7	*
8	* (c) Daycry <daycry9@proton.me>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace Daycry\Auth\Entities;
15
16	use CodeIgniter\I18n\Time;
17
18	/**
19	* Class AccessToken
20	*
21	* Represents a single Personal Access Token, used
22	* for authenticating users for an API.
23	*
24	* @property string\|Time\|null $last_used_at
25	*/
26	class AccessToken extends UserIdentity
27	{
28	/**
29	* @var array<string, string>
30	*/
31	protected $casts = [
32	'extra' => 'serialized',
33	];
34
35	/**
36	* @var array<string, string>
37	*/
38	protected $datamap = [
39	'scopes' => 'extra',
40	];
41
42	/**
43	* Determines whether this token grants
44	* permission to the $scope
45	*/
46	public function can(string $scope): bool
47	{
UNCOV 48	if ($this->extra === []) {	×
UNCOV 49	return false;	×
50	}
51
52	// Wildcard present
UNCOV 53	if (in_array('*', $this->extra, true)) {	×
UNCOV 54	return true;	×
55	}
56
57	// Check stored scopes
UNCOV 58	return in_array($scope, $this->extra, true);	×
59	}
60
61	/**
62	* Determines whether this token does NOT
63	* grant permission to $scope.
64	*/
65	public function cant(string $scope): bool
66	{
UNCOV 67	return ! $this->can($scope);	×
68	}
69	}

daycry / auth / 22520725744

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous