PdoCredentialsValidator::__construct() - Code Metrics - Inspection of "Merge branch 'release/2.0.0'" - GermaniaKG/UserProfiles - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 47c301...31349b )

by Carsten

created 2018-04-13 07:13 UTC

PdoCredentialsValidator::__construct() A

↳ Parent: PdoCredentialsValidator

Complexity

Conditions	3
Paths	1

Size

Total Lines	17
Code Lines	6

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	7
CRAP Score	3

Importance

Changes

Metric	Value
cc	3
eloc	6
nc	1
nop	4
dl	0
loc	17
ccs	7
cts	7
cp	1
crap	3
rs	9.4285
c	0
b	0
f	0

<?php
namespace Germania\UserProfiles;

use Psr\Log\LoggerInterface;
use Psr\Log\NullLogger;

/**
 * This Callable checks if given username and password match a stored login name and password combination,
 * using a custom verifier function.
 *
 * Example:
 *
 *     <?php
 *     use Germania\UserProfiles\PdoCredentialsValidator;
 *
 *     $pdo      = new PDO( ... );
 *     $verifier = function() { return false; };
 *     $logger   = new Monolog();
 *     $table    = 'users';
 *
 *     $checker = new PdoCredentialsValidator( $pdo, $verifier, $logger, $table);
 *     $result = $checker( '[email protected]', 'take_this_secret' );
 *     ?>
 *
 * @author  Carsten Witt <[email protected]>
 */
class PdoCredentialsValidator
{

    /**
     * Database table
     * @var string
     */
    public $table = 'users';

    /**
     * @var PDOStatement

     */
    public $stmt;

    /**
     * @var Callable
     */
    public $password_verifier;

    /**
     * @var LoggerInterface
     */
    public $logger;


    /**
     * @param PDO             $pdo                PDO instance
     * @param Callable        $password_verifier  Callable password verifier that accepts password and password hash
     * @param LoggerInterface $logger             Optional: PSR-3 Logger
     * @param string          $table              Optional: Database table name
     */
    public function __construct( \PDO $pdo, Callable $password_verifier, LoggerInterface $logger = null, $table = null)
    {
        $this->password_verifier = $password_verifier;
        $this->logger            = $logger ?: new NullLogger;
        $this->table             = $table  ?: $this->table;


        // Prepare business
        $sql = "SELECT
        id,
        password
        FROM {$this->table}
        WHERE user_login_name = :login_name
        LIMIT 1";

        // Store for later use
        $this->stmt = $pdo->prepare( $sql );


    }



    /**
     * @param  string $login_name
     * @param  string $$password
     *
     * @return mixed  User ID as integer or FALSE on any failure
     */
    public function __invoke( $login_name, $password )
    {

        // Perform
        $this->stmt->execute([
            'login_name' => $login_name
        ]);


        // If user not found...
        $found_user = $this->stmt->fetch( \PDO::FETCH_OBJ );
        if (!$found_user):
            $this->logger->warning("User login name not found", [
                'user_name' => $login_name
            ]);
            return false;
        endif;


        // If password is wrong...
        $verifier = $this->password_verifier;
        if(!$verifier( $password, $found_user->password)) :

            $this->logger->warning("Wrong password", [
                'user_name' => $login_name
            ]);
            return false;
        endif;

        // Return found user ID
        return $found_user->id;

    }



}


1		<?php
2		namespace Germania\UserProfiles;
3
4		use Psr\Log\LoggerInterface;
5		use Psr\Log\NullLogger;
6
7		/**
8		* This Callable checks if given username and password match a stored login name and password combination,
9		* using a custom verifier function.
10		*
11		* Example:
12		*
13		* <?php
14		* use Germania\UserProfiles\PdoCredentialsValidator;
15		*
16		* $pdo = new PDO( ... );
17		* $verifier = function() { return false; };
18		* $logger = new Monolog();
19		* $table = 'users';
20		*
21		* $checker = new PdoCredentialsValidator( $pdo, $verifier, $logger, $table);
22		* $result = $checker( '[email protected]', 'take_this_secret' );
23		* ?>
24		*
25		* @author Carsten Witt <[email protected]>
26		*/
27		class PdoCredentialsValidator
28		{
29
30		/**
31		* Database table
32		* @var string
33		*/
34		public $table = 'users';
35
36		/**
37		* @var PDOStatement
		0 ignored issues – show Bug introduced 2017-08-31 15:21 UTC by Report Bug Copy Issue Report The type `Germania\UserProfiles\PDOStatement` was not found. Did you mean `PDOStatement`? If so, make sure to prefix the type with `\`. Loading history...
38		*/
39		public $stmt;
40
41		/**
42		* @var Callable
43		*/
44		public $password_verifier;
45
46		/**
47		* @var LoggerInterface
48		*/
49		public $logger;
50
51
52		/**
53		* @param PDO $pdo PDO instance
54		* @param Callable $password_verifier Callable password verifier that accepts password and password hash
55		* @param LoggerInterface $logger Optional: PSR-3 Logger
56		* @param string $table Optional: Database table name
57		*/
58	12	public function __construct( \PDO $pdo, Callable $password_verifier, LoggerInterface $logger = null, $table = null)
59		{
60	12	$this->password_verifier = $password_verifier;
61	12	$this->logger = $logger ?: new NullLogger;
62	12	$this->table = $table ?: $this->table;
63
64
65		// Prepare business
66		$sql = "SELECT
67		id,
68		password
69	12	FROM {$this->table}
70		WHERE user_login_name = :login_name
71	3	LIMIT 1";
72
73		// Store for later use
74	12	$this->stmt = $pdo->prepare( $sql );
		0 ignored issues – show Documentation Bug introduced 2017-08-31 15:21 UTC by Report Bug Copy Issue Report It seems like `$pdo->prepare($sql)` of type `PDOStatement` is incompatible with the declared type `Germania\UserProfiles\PDOStatement` of property `$stmt`. Our type inference engine has found an assignment to a property that is incompatible with the declared type of that property. Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.. Loading history...
75
76	12	}
77
78
79
80		/**
81		* @param string $login_name
82		* @param string $$password
83		*
84		* @return mixed User ID as integer or FALSE on any failure
85		*/
86	12	public function __invoke( $login_name, $password )
87		{
88
89		// Perform
90	12	$this->stmt->execute([
91	9	'login_name' => $login_name
92	3	]);
93
94
95		// If user not found...
96	12	$found_user = $this->stmt->fetch( \PDO::FETCH_OBJ );
97	12	if (!$found_user):
98	4	$this->logger->warning("User login name not found", [
99	3	'user_name' => $login_name
100	1	]);
101	4	return false;
102		endif;
103
104
105		// If password is wrong...
106	8	$verifier = $this->password_verifier;
107	8	if(!$verifier( $password, $found_user->password)) :
108
109	4	$this->logger->warning("Wrong password", [
110	3	'user_name' => $login_name
111	1	]);
112	4	return false;
113		endif;
114
115		// Return found user ID
116	4	return $found_user->id;
117
118		}
119
120
121
122		}
123

GermaniaKG / UserProfiles

Push — master ( 47c301...31349b )

PdoCredentialsValidator::__construct() A

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like