Kilian/PHP-Course
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Reauth endpoint

Browse Source
This commit is contained in:
Kilian Hofmann
2024-07-28 22:37:12 +02:00
parent 7723dd0722
commit 9828ee762a
9 changed files with 201 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
exam/classes/Models/User/User.php
+80 -10
View File
@@ -114,7 +114,8 @@ class User implements JsonSerializable
FROM
egb_benutzer AS b
WHERE
token = :TOKEN"
token = :TOKEN AND
tokenExpiry > NOW()"
);
$stmt->bindValue(":TOKEN", $token);
$stmt->execute();
@@ -154,18 +155,29 @@ class User implements JsonSerializable
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
}
// Generate token
$stmt = $db->prepare("UPDATE egb_benutzer SET token = UUID() WHERE id = :ID");
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
if (empty($data["token"]) || new DateTime($data["tokenExpiry"]) <= new DateTime()) {
// Generate token
$stmt = $db->prepare(
"UPDATE
egb_benutzer
SET
token = UUID(),
tokenExpiry = DATE_ADD(NOW(), INTERVAL 1 HOUR),
refreshToken = UUID(),
refreshExpiry = DATE_ADD(NOW(), INTERVAL 30 DAY)
WHERE id = :ID"
);
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
}
// Get token
$stmt = $db->prepare("SELECT token FROM egb_benutzer WHERE id = :ID");
$stmt = $db->prepare("SELECT token, refreshToken FROM egb_benutzer WHERE id = :ID");
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
$token = $stmt->fetch(PDO::FETCH_COLUMN, 0);
// Return user and token
[$token, $refresh] = $stmt->fetch(PDO::FETCH_NUM);
// Return user and tokens
if ($token) {
return ["user" => $user, "token" => $token];
return ["user" => $user, "token" => $token, "refreshToken" => $refresh];
}
// Token generation failed
throw new Exception("Failed");
@@ -261,6 +273,55 @@ class User implements JsonSerializable
return ["pages" => intdiv($count, $limit + 1), "data" => $list];
}
public static function refresh(string $token, string $refreshToken)
{
$db = Database::getInstance();
$stmt = $db->prepare(
"SELECT
b.id, b.benutzer, b.status, b.email, b.image, b.isadmin, b.zeitstempel,
(SELECT COUNT(*) FROM egb_gaestebuch WHERE benutzer_id = b.id) as postCount
FROM
egb_benutzer AS b
WHERE
token = :TOKEN AND
refreshToken = :REFRESH AND
refreshExpiry > NOW()"
);
$stmt->bindValue(":TOKEN", $token);
$stmt->bindValue(":REFRESH", $refreshToken);
$stmt->execute();
$data = $stmt->fetch();
if (!$data) throw new Exception("NotFound");
$user = new User($data["id"], $data["benutzer"], $data["status"], $data["email"], $data["zeitstempel"], $data["image"], $data["isadmin"] === 1, $data["postCount"]);
$stmt = $db->prepare(
"UPDATE
egb_benutzer
SET
token = UUID(),
tokenExpiry = DATE_ADD(NOW(), INTERVAL 1 HOUR),
refreshToken = UUID(),
refreshExpiry = DATE_ADD(NOW(), INTERVAL 30 DAY)
WHERE id = :ID"
);
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
// Get token
$stmt = $db->prepare("SELECT token, refreshToken FROM egb_benutzer WHERE id = :ID");
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
[$token, $refresh] = $stmt->fetch(PDO::FETCH_NUM);
// Return user and tokens
if ($token) {
return ["user" => $user, "token" => $token, "refreshToken" => $refresh];
}
// Token generation failed
throw new Exception("Failed");
}
/*
* Members
*/
@@ -268,7 +329,16 @@ class User implements JsonSerializable
public function logOut(): bool
{
$db = Database::getInstance();
$stmt = $db->prepare("UPDATE egb_benutzer SET token = NULL WHERE id = :ID");
$stmt = $db->prepare(
"UPDATE
egb_benutzer
SET
token = NULL,
tokenExpiry = NULL,
refreshToken = NULL,
refreshExpiry = NULL
WHERE id = :ID"
);
$stmt->bindValue(":ID", $this->id);
return $stmt->execute();
}