25552752016

Committed 08 May 2026 11:20AM UTC coverage: 71.592% (+13.0%) from 58.608%

Build # 25552752016

Build Type

push

github

Committed by

web-flow

Commit Message

Merge pull request #48 from daycry/development

Add Laravel-parity authentication features: Gates, Password Confirmation, Basic Auth

Coverage Stats

198 of 252 new or added lines in 18 files covered. (78.57%)

1 existing line in 1 file now uncovered.

4453 of 6220 relevant lines covered (71.59%)

62.44 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

91.67

/src/Commands/TokensCommand.php

<?php

declare(strict_types=1);

/**
 * This file is part of Daycry Auth.
 *
 * (c) Daycry <daycry9@proton.me>
 *
 * For the full copyright and license information, please view
 * the LICENSE file that was distributed with this source code.
 */

namespace Daycry\Auth\Commands;

use CodeIgniter\CLI\CLI;
use Daycry\Auth\Enums\IdentityType;
use Daycry\Auth\Models\AccessTokenRepository;
use Daycry\Auth\Models\UserIdentityModel;
use Daycry\Auth\Models\UserModel;
use Throwable;

/**
 * Admin CLI to soft-revoke a user's access / JWT-refresh tokens.
 *
 * Usage:
 *   php spark auth:tokens revoke -e user@example.com
 *   php spark auth:tokens revoke -e user@example.com --type=access_token
 *   php spark auth:tokens revoke -e user@example.com --type=jwt_refresh
 *   php spark auth:tokens revoke -e user@example.com --type=all
 */
class TokensCommand extends BaseCommand
{
    /**
     * Command's name
     *
     * @var string
     */
    protected $name = 'auth:tokens';

    /**
     * Command's short description
     *
     * @var string
     */
    protected $description = 'Soft-revoke access / refresh tokens for a user.';

    /**
     * Command's usage
     *
     * @var string
     */
    protected $usage = <<<'EOL'
        auth:tokens revoke -e <email> [--type=access_token|jwt_refresh|all]
        EOL;

    /**
     * Command's Arguments
     *
     * @var array<string, string>
     */
    protected $arguments = [
        'action' => 'Currently only `revoke` is supported.',
    ];

    /**
     * Command's Options
     *
     * @var array<string, string>
     */
    protected $options = [
        '-e'     => 'Target user email.',
        '-i'     => 'Target user id (alternative to -e).',
        '--type' => 'Token type to revoke: access_token | jwt_refresh | all (default: all).',
    ];

    public function run(array $params): int
    {
        $action = $params[0] ?? '';

        if ($action !== 'revoke') {
            $this->error('Unsupported action. Supported: revoke.');

            return 1;
        }

        $email = (string) ($params['e'] ?? '');
        $id    = (string) ($params['i'] ?? '');
        $type  = (string) ($params['type'] ?? 'all');

        if ($email === '' && $id === '') {
            $this->error('Specify -e <email> or -i <id>.');

            return 1;
        }

        /** @var UserModel $userModel */
        $userModel = model(UserModel::class);
        $user      = $id !== ''
            ? $userModel->findById((int) $id)
            : $userModel->findByCredentials(['email' => $email]);

        if ($user === null) {
            $this->error('User not found.');

            return 1;
        }

        try {
            if ($type === 'all' || $type === 'access_token') {
                $repo = new AccessTokenRepository(model(UserIdentityModel::class));
                $repo->softRevokeAllAccessTokens($user);
                $this->write('Revoked all access tokens for user ' . $user->id, 'green');
            }

            if ($type === 'all' || $type === 'jwt_refresh') {
                /** @var UserIdentityModel $identityModel */
                $identityModel = model(UserIdentityModel::class);
                $identityModel->revokeIdentitiesByUserAndType(
                    (int) $user->id,
                    IdentityType::JWT_REFRESH->value,
                );
                $this->write('Revoked all JWT refresh tokens for user ' . $user->id, 'green');
            }

            // Sanity check on the type argument
            if (! in_array($type, ['all', 'access_token', 'jwt_refresh'], true)) {
                $this->error('Unknown --type. Use: access_token | jwt_refresh | all.');

                return 1;
            }
        } catch (Throwable $e) {
            $this->error('Token revocation failed: ' . $e->getMessage());

            return 1;
        }

        return 0;
    }
}

1	<?php
2
3	declare(strict_types=1);
4
5	/**
6	* This file is part of Daycry Auth.
7	*
8	* (c) Daycry <daycry9@proton.me>
9	*
10	* For the full copyright and license information, please view
11	* the LICENSE file that was distributed with this source code.
12	*/
13
14	namespace Daycry\Auth\Commands;
15
16	use CodeIgniter\CLI\CLI;
17	use Daycry\Auth\Enums\IdentityType;
18	use Daycry\Auth\Models\AccessTokenRepository;
19	use Daycry\Auth\Models\UserIdentityModel;
20	use Daycry\Auth\Models\UserModel;
21	use Throwable;
22
23	/**
24	* Admin CLI to soft-revoke a user's access / JWT-refresh tokens.
25	*
26	* Usage:
27	* php spark auth:tokens revoke -e user@example.com
28	* php spark auth:tokens revoke -e user@example.com --type=access_token
29	* php spark auth:tokens revoke -e user@example.com --type=jwt_refresh
30	* php spark auth:tokens revoke -e user@example.com --type=all
31	*/
32	class TokensCommand extends BaseCommand
33	{
34	/**
35	* Command's name
36	*
37	* @var string
38	*/
39	protected $name = 'auth:tokens';
40
41	/**
42	* Command's short description
43	*
44	* @var string
45	*/
46	protected $description = 'Soft-revoke access / refresh tokens for a user.';
47
48	/**
49	* Command's usage
50	*
51	* @var string
52	*/
53	protected $usage = <<<'EOL'
54	auth:tokens revoke -e <email> [--type=access_token\|jwt_refresh\|all]
55	EOL;
56
57	/**
58	* Command's Arguments
59	*
60	* @var array<string, string>
61	*/
62	protected $arguments = [
63	'action' => 'Currently only `revoke` is supported.',
64	];
65
66	/**
67	* Command's Options
68	*
69	* @var array<string, string>
70	*/
71	protected $options = [
72	'-e' => 'Target user email.',
73	'-i' => 'Target user id (alternative to -e).',
74	'--type' => 'Token type to revoke: access_token \| jwt_refresh \| all (default: all).',
75	];
76
77	public function run(array $params): int	7✔
78	{
79	$action = $params[0] ?? '';	7✔
80
81	if ($action !== 'revoke') {	7✔
82	$this->error('Unsupported action. Supported: revoke.');	1✔
83
84	return 1;	1✔
85	}
86
87	$email = (string) ($params['e'] ?? '');	6✔
88	$id = (string) ($params['i'] ?? '');	6✔
89	$type = (string) ($params['type'] ?? 'all');	6✔
90
91	if ($email === '' && $id === '') {	6✔
92	$this->error('Specify -e <email> or -i <id>.');	1✔
93
94	return 1;	1✔
95	}
96
97	/** @var UserModel $userModel */
98	$userModel = model(UserModel::class);	5✔
99	$user = $id !== ''	5✔
100	? $userModel->findById((int) $id)	1✔
101	: $userModel->findByCredentials(['email' => $email]);	4✔
102
103	if ($user === null) {	5✔
104	$this->error('User not found.');	1✔
105
106	return 1;	1✔
107	}
108
109	try {
110	if ($type === 'all' \|\| $type === 'access_token') {	4✔
111	$repo = new AccessTokenRepository(model(UserIdentityModel::class));	2✔
112	$repo->softRevokeAllAccessTokens($user);	2✔
113	$this->write('Revoked all access tokens for user ' . $user->id, 'green');	2✔
114	}
115
116	if ($type === 'all' \|\| $type === 'jwt_refresh') {	4✔
117	/** @var UserIdentityModel $identityModel */
118	$identityModel = model(UserIdentityModel::class);	3✔
119	$identityModel->revokeIdentitiesByUserAndType(	3✔
120	(int) $user->id,	3✔
121	IdentityType::JWT_REFRESH->value,	3✔
122	);	3✔
123	$this->write('Revoked all JWT refresh tokens for user ' . $user->id, 'green');	3✔
124	}
125
126	// Sanity check on the type argument
127	if (! in_array($type, ['all', 'access_token', 'jwt_refresh'], true)) {	4✔
128	$this->error('Unknown --type. Use: access_token \| jwt_refresh \| all.');	1✔
129
130	return 1;	4✔
131	}
132	} catch (Throwable $e) {	×
NEW 133	$this->error('Token revocation failed: ' . $e->getMessage());	×
134
135	return 1;	×
136	}
137
138	return 0;	3✔
139	}
140	}

daycry / auth / 25552752016

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous