25518434194

Committed 07 May 2026 07:49PM UTC coverage: 58.608% (-6.4%) from 64.989%

Build # 25518434194

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #47 from daycry/development

Implement security enhancements and new account features

Coverage Stats

277 of 1030 new or added lines in 55 files covered. (26.89%)

11 existing lines in 6 files now uncovered.

3544 of 6047 relevant lines covered (58.61%)

47.97 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/Models/JwtTokenRepository.php

<?php

declare(strict_types=1);

/**
 * This file is part of Daycry Auth.
 *
 * (c) Daycry <daycry9@proton.me>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Daycry\Auth\Models;

use Daycry\Auth\Entities\UserIdentity;
use Daycry\Auth\Services\AuditLogger;

/**
 * Repository for JWT refresh token operations.
 *
 * Encapsulates JWT refresh token CRUD from UserIdentityModel.
 */
class JwtTokenRepository
{
    public function __construct(
        private readonly UserIdentityModel $identityModel,
    ) {
    }

    /**
     * Stores a new JWT refresh token for the given user.
     *
     * @param int    $userId    User primary key
     * @param string $rawToken  The raw (unhashed) token to store
     * @param string $expiresAt Datetime string 'Y-m-d H:i:s'
     */
    public function createRefreshToken(int $userId, string $rawToken, string $expiresAt): void
    {
        $this->identityModel->createJwtRefreshToken($userId, $rawToken, $expiresAt);
    }

    /**
     * Finds a valid (non-expired, non-revoked) JWT refresh token.
     *
     * @param int    $userId   User primary key
     * @param string $rawToken The raw (unhashed) token
     */
    public function getRefreshToken(int $userId, string $rawToken): ?UserIdentity
    {
        return $this->identityModel->getJwtRefreshToken($userId, $rawToken);
    }

    /**
     * Revokes a JWT refresh token (hard-delete).
     *
     * @param int $identityId The identity record primary key
     */
    public function revokeRefreshToken(int $identityId): void
    {
        $this->identityModel->delete($identityId);
    }

    /**
     * Soft-revokes a JWT refresh token by setting revoked_at.
     *
     * @param int      $identityId The identity record primary key
     * @param int|null $userId     User id for audit (when known by the caller)
     */
    public function softRevokeRefreshToken(int $identityId, ?int $userId = null): void
    {
        $this->identityModel->revokeIdentityById($identityId);

        (new AuditLogger())->record(AuditLogger::EVENT_REFRESH_TOKEN_REVOKED, $userId, [
            'identity_id' => $identityId,
        ]);
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of Daycry Auth.
7	*
8	* (c) Daycry <daycry9@proton.me>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace Daycry\Auth\Models;
15
16	use Daycry\Auth\Entities\UserIdentity;
17	use Daycry\Auth\Services\AuditLogger;
18
19	/**
20	* Repository for JWT refresh token operations.
21	*
22	* Encapsulates JWT refresh token CRUD from UserIdentityModel.
23	*/
24	class JwtTokenRepository
25	{
26	public function __construct(	×
27	private readonly UserIdentityModel $identityModel,
28	) {
29	}	×
30
31	/**
32	* Stores a new JWT refresh token for the given user.
33	*
34	* @param int $userId User primary key
35	* @param string $rawToken The raw (unhashed) token to store
36	* @param string $expiresAt Datetime string 'Y-m-d H:i:s'
37	*/
38	public function createRefreshToken(int $userId, string $rawToken, string $expiresAt): void	×
39	{
40	$this->identityModel->createJwtRefreshToken($userId, $rawToken, $expiresAt);	×
41	}
42
43	/**
44	* Finds a valid (non-expired, non-revoked) JWT refresh token.
45	*
46	* @param int $userId User primary key
47	* @param string $rawToken The raw (unhashed) token
48	*/
49	public function getRefreshToken(int $userId, string $rawToken): ?UserIdentity	×
50	{
51	return $this->identityModel->getJwtRefreshToken($userId, $rawToken);	×
52	}
53
54	/**
55	* Revokes a JWT refresh token (hard-delete).
56	*
57	* @param int $identityId The identity record primary key
58	*/
59	public function revokeRefreshToken(int $identityId): void	×
60	{
61	$this->identityModel->delete($identityId);	×
62	}
63
64	/**
65	* Soft-revokes a JWT refresh token by setting revoked_at.
66	*
67	* @param int $identityId The identity record primary key
68	* @param int\|null $userId User id for audit (when known by the caller)
69	*/
NEW 70	public function softRevokeRefreshToken(int $identityId, ?int $userId = null): void	×
71	{
72	$this->identityModel->revokeIdentityById($identityId);	×
73
NEW 74	(new AuditLogger())->record(AuditLogger::EVENT_REFRESH_TOKEN_REVOKED, $userId, [	×
NEW 75	'identity_id' => $identityId,	×
NEW 76	]);	×
77	}
78	}

daycry / auth / 25518434194

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous