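entityManager = $entityManager;
        $this->repository = $entityManager->getRDBRepository(AuthTokenEntity::ENTITY_TYPE);
    }

    /**
     * Looks up an auth token record by its token string.
     *
     * The query matches on the `token` column only. `isActive` is selected but
     * not filtered on, so an inactivated token is still returned.
     * NOTE(review): presumably the caller rejects inactive tokens; confirm at the call site.
     *
     * @param string $token Token value presented by the client.
     * @return ?AuthToken The matching record, or null when none exists.
     */
    public function get(string $token): ?AuthToken
    {
        /** @var ?AuthTokenEntity */
        $authToken = $this->entityManager
            ->getRDBRepository(AuthTokenEntity::ENTITY_TYPE)
            ->select([
                'id',
                'isActive',
                'token',
                'secret',
                'userId',
                'portalId',
                'hash',
                'createdAt',
                'lastAccess',
                'modifiedAt',
            ])
            ->where([
                'token' => $token,
            ])
            ->findOne();

        return $authToken;
    }

    /**
     * Creates and persists a new auth token for the user described by $data.
     *
     * The token (and the secret, when requested) come from generateToken().
     * validate() checks the token and user ID only; the secret is not validated
     * here, so it relies on generateToken() never returning an empty value.
     *
     * @param Data $data Source of user ID, portal ID, hash, IP address and the secret flag.
     * @return AuthToken The saved token entity.
     * @throws RuntimeException When the token or user ID is empty, or no random source is usable.
     */
    public function create(Data $data): AuthToken
    {
        /** @var ?AuthTokenEntity */
        $authToken = $this->repository->getNew();

        $authToken->set([
            'userId' => $data->getUserId(),
            'portalId' => $data->getPortalId(),
            'hash' => $data->getHash(),
            'ipAddress' => $data->getIpAddress(),
            // date() formats in the PHP default timezone.
            'lastAccess' => date('Y-m-d H:i:s'),
            'token' => $this->generateToken(),
        ]);

        if ($data->toCreateSecret()) {
            $authToken->set('secret', $this->generateToken());
        }

        $this->validate($authToken);

        $this->repository->save($authToken);

        return $authToken;
    }

    /**
     * Marks a token as inactive and saves it.
     *
     * @param AuthToken $authToken Must be an AuthTokenEntity whose identity fields are unmodified.
     * @throws RuntimeException For a foreign AuthToken implementation or a modified token.
     */
    public function inactivate(AuthToken $authToken): void
    {
        if (!$authToken instanceof AuthTokenEntity) {
            throw new RuntimeException();
        }

        // Refuse to persist an entity whose identity fields were altered in memory.
        $this->validateNotChanged($authToken);

        $authToken->set('isActive', false);

        $this->repository->save($authToken);
    }

    /**
     * Updates `lastAccess` to the current time on an already stored token.
     *
     * @param AuthToken $authToken Must be a stored AuthTokenEntity whose identity fields are unmodified.
     * @throws RuntimeException For a foreign AuthToken implementation, a modified token or a new one.
     */
    public function renew(AuthToken $authToken): void
    {
        if (!$authToken instanceof AuthTokenEntity) {
            throw new RuntimeException();
        }

        $this->validateNotChanged($authToken);

        if ($authToken->isNew()) {
            throw new RuntimeException("Can renew only not new auth token.");
        }

        $authToken->set('lastAccess', date('Y-m-d H:i:s'));

        $this->repository->save($authToken);
    }

    /**
     * Checks the fields a token must have before it is saved.
     *
     * Only the token string and the user ID are checked; the secret is not.
     *
     * @throws RuntimeException When the token or the user ID is empty.
     */
    protected function validate(AuthToken $authToken): void
    {
        if (!$authToken->getToken()) {
            throw new RuntimeException("Empty token.");
        }

        if (!$authToken->getUserId()) {
            throw new RuntimeException("Empty user ID.");
        }
    }

    /**
     * Rejects an entity whose token, secret, hash, user ID or portal ID was changed.
     *
     * Called before inactivate() and renew() save, so those operations cannot
     * write a new value into any of these fields.
     *
     * @throws RuntimeException When any of the five attributes is reported as changed.
     */
    protected function validateNotChanged(AuthTokenEntity $authToken): void
    {
        if (
            $authToken->isAttributeChanged('token') ||
            $authToken->isAttributeChanged('secret') ||
            $authToken->isAttributeChanged('hash') ||
            $authToken->isAttributeChanged('userId') ||
            $authToken->isAttributeChanged('portalId')
        ) {
            throw new RuntimeException("Auth token was changed.");
        }
    }

    /**
     * Generates a hex-encoded random value used for tokens and secrets.
     *
     * Reads self::TOKEN_RANDOM_LENGTH random bytes, so the returned string has
     * twice that many characters. random_bytes() is preferred. The two legacy
     * fallbacks are accepted only when they return a non-empty string, and the
     * OpenSSL one only when it reports a cryptographically strong result, so a
     * failed or weak source ends in the exception instead of an empty or
     * predictable credential.
     *
     * @return string Hex string of random bytes.
     * @throws RuntimeException When no source yields usable random bytes.
     */
    protected function generateToken(): string
    {
        $length = self::TOKEN_RANDOM_LENGTH;

        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes($length));
        }

        if (function_exists('mcrypt_create_iv')) {
            $bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);

            // mcrypt_create_iv() returns false on failure; never hex-encode that.
            if (is_string($bytes) && $bytes !== '') {
                return bin2hex($bytes);
            }
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $isStrong = false;
            $bytes = openssl_random_pseudo_bytes($length, $isStrong);

            // Older PHP versions can return false or flag the output as not strong.
            if (is_string($bytes) && $bytes !== '' && $isStrong) {
                return bin2hex($bytes);
            }
        }

        throw new RuntimeException("Could not generate token.");
    }
}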