UserRepository::getByLoginPassword() - Code Metrics - Inspection of "Add avatars" - Ecodev/my-ichtus - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 0e1368...c48087 )

by Sam

created 2018-11-20 18:11 UTC

UserRepository::getByLoginPassword() B

↳ Parent: UserRepository

Complexity

Conditions	10
Paths	7

Size

Total Lines	25
Code Lines	11

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	12
CRAP Score	10

Importance

Changes

Metric	Value
cc	10
eloc	11
nc	7
nop	2
dl	0
loc	25
ccs	12
cts	12
cp	1
crap	10
rs	7.6666
c	0
b	0
f	0

How to fix Complexity

<?php

declare(strict_types=1);

namespace Application\Repository;

use Application\Model\User;
use Cake\Chronos\Chronos;

class UserRepository extends AbstractRepository implements LimitedAccessSubQueryInterface
{
    /**
     * Returns the user authenticated by its email and password
     *
     * @param string $login
     * @param string $password
     *
     * @return null|User
     */
    public function getByLoginPassword(string $login, string $password): ?User
    {
        /** @var User $user */
        $user = $this->getByLogin($login);

        if (!$user || ($user->getActiveUntil() && $user->getActiveUntil() < new Chronos())) {

            return null;
        }

        $hashFromDb = $user->getPassword();
        $isMd5 = mb_strlen($hashFromDb) === 32 && ctype_xdigit($hashFromDb);

        // If we found a user and he has a correct MD5 or correct new hash, then return the user
        if (($isMd5 && md5($password) === $hashFromDb) || password_verify($password, $hashFromDb)) {

            // Update the hash in DB, if we are still MD5, or if PHP default options changed
            if ($isMd5 || password_needs_rehash($hashFromDb, PASSWORD_DEFAULT)) {
                $user->setPassword($password);
                _em()->flush();
            }

            return $user;
        }

        return null;
    }

    /**
     * Unsecured way to get a user from its ID.
     *
     * This should only be used in tests or controlled environment.
     *
     * @param int $id
     *
     * @return null|User
     */
    public function getOneById(int $id): ?User
    {
        $this->getAclFilter()->setEnabled(false);
        $user = $this->findOneById($id);
        $user = $this->findOneById($id);
        $this->getAclFilter()->setEnabled(true);

        return $user;
    }

    /**
     * Unsecured way to get a user from its login.
     *
     * This should only be used in tests or controlled environment.
     *
     * @param null|string $login
     *
     * @return null|User
     */
    public function getByLogin(?string $login): ?User
    {
        $this->getAclFilter()->setEnabled(false);
        $user = $this->findOneByLogin($login);
        $user = $this->findOneByLogin($login);
        $this->getAclFilter()->setEnabled(true);

        return $user;
    }

    /**
     * Returns pure SQL to get ID of all objects that are accessible to given user.
     *
     * @param null|User $user
     *
     * @return string
     */
    public function getAccessibleSubQuery(?User $user): string
    {
        if ($user) {
            return $this->getAllIdsQuery();
        }

        return '-1';
    }
}


Ecodev / my-ichtus

Push — master ( 0e1368...c48087 )

UserRepository::getByLoginPassword() B

Complexity

Size

Duplication

Code Coverage

Importance

How to fix Complexity

Long Method

Duplication Side-by-Side

Filter issues like