UserRepository::accessTokenExpiredOrRevoked() - Code Metrics - Inspection of "Changes" - SherifElfadaly/Laravel-Api-Skeleton - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( ae7a17...a23113 )

by Sherif

created 2018-11-27 08:48 UTC

UserRepository::accessTokenExpiredOrRevoked() A

↳ Parent: Project

Complexity

Conditions	3
Paths	2

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	14
rs	9.7998
c	0
b	0
f	0
cc	3
nc	2
nop	1

<?php namespace App\Modules\Acl\Repositories;

use App\Modules\Core\AbstractRepositories\AbstractRepository;
use Lcobucci\JWT\ValidationData;

class UserRepository extends AbstractRepository
{
    /**
     * Return the model full namespace.
     * 
     * @return string
     */
    protected function getModel()
    {
        return 'App\Modules\Acl\AclUser';
    }


    /**
     * Return the logged in user account.
     *
     * @param  array   $relations
     * @return boolean
     */
    public function account($relations = [])
    {
        $permissions = [];
        $user        = \Core::users()->find(\Auth::id(), $relations);
        foreach ($user->groups()->get() as $group)
        {
            $group->permissions->each(function ($permission) use (&$permissions){
                $permissions[$permission->model][$permission->id] = $permission->name;
            });
        }
        $user->permissions = $permissions;

       return $user;
    }

    /**
     * Check if the logged in user or the given user 
     * has the given permissions on the given model.
     * 
     * @param  string  $nameOfPermission
     * @param  string  $model            
     * @param  boolean $user
     * @return boolean
     */
    public function can($nameOfPermission, $model, $user = false)
    {      
        $user        = $user ?: $this->find(\Auth::id(), ['groups.permissions']);
        $permissions = [];

        $user->groups->pluck('permissions')->each(function ($permission) use (&$permissions, $model){
            $permissions = array_merge($permissions, $permission->where('model', $model)->pluck('name')->toArray()); 
        });
        
        return in_array($nameOfPermission, $permissions);
    }

    /**
     * Check if the logged in user has the given group.
     * 
     * @param  string  $groupName
     * @param  integer $userId
     * @return boolean
     */
    public function hasGroup($groups, $user = false)
    {
        $user = $user ?: $this->find(\Auth::id());
        return $user->groups->whereIn('name', $groups)->count() ? true : false;
    }

    /**
     * Assign the given group ids to the given user.
     * 
     * @param  integer $userId    
     * @param  array   $group_ids
     * @return object
     */
    public function assignGroups($userId, $group_ids)
    {
        \DB::transaction(function () use ($userId, $group_ids) {
            $user = $this->find($userId);
            $user->groups()->detach();
            $user->groups()->attach($group_ids);
        });

        return $this->find($userId);
    }


    /**
     * Handle a login request to the application.
     * 
     * @param  array   $credentials    
     * @param  boolean $adminLogin
     * @return object
     */
    public function login($credentials, $adminLogin = false)
    {
        if ( ! $user = $this->first(['email' => $credentials['email']])) 
        {
            \ErrorHandler::loginFailed();
        }
        else if ($adminLogin && ! $user->groups->whereIn('name', ['Admin'])->count()) 
        {
            \ErrorHandler::loginFailed();
        }
        else if ( ! $adminLogin && $user->groups->whereIn('name', ['Admin'])->count()) 
        {
            \ErrorHandler::loginFailed();
        }
        else if ($user->blocked)
        {
            \ErrorHandler::userIsBlocked();
        }
        else if ( ! config('skeleton.disable_confirm_email') && ! $user->confirmed)
        {
            \ErrorHandler::emailNotConfirmed();
        }

        return $user;
    }

    /**
     * Handle a social login request of the none admin to the application.
     * 
     * @param  string $authCode
     * @param  string $accessToken
     * @param  string $type
     * @return array
     */
    public function loginSocial($authCode, $accessToken, $type)
    {
        $access_token = $authCode ? array_get(\Socialite::driver($type)->getAccessTokenResponse($authCode), 'access_token') : $accessToken;
        $user         = \Socialite::driver($type)->userFromToken($access_token);

        if ( ! $user->email)
        {
            \ErrorHandler::noSocialEmail();
        }

        if ( ! $registeredUser = $this->model->where('email', $user->email)->first()) 
        {
            $this->register(['email' => $user->email, 'password' => ''], 1);
        }

        $loginProxy = \App::make('App\Modules\Acl\Proxy\LoginProxy');
        return $loginProxy->login(['email' => $credentials['email'], 'password' => config('skeleton.social_pass']], 0);

    }
    
    /**
     * Handle a registration request.
     * 
     * @param  array   $credentials
     * @param  boolean $skipConfirmEmail
     * @return array
     */
    public function register($credentials, $skipConfirmEmail = false)
    {
        $user = $this->save($credentials);

        if ($skipConfirmEmail) 
        {
            $user->confirmed = 1;
            $user->save();
        }
        else if ( ! config('skeleton.disable_confirm_email'))  
        {
            $this->sendConfirmationEmail($user->email);
        }

        return $user;
    }
    
    /**
     * Block the user.
     *
     * @param  integer $userId
     * @return object
     */
    public function block($userId)
    {
        if ( ! $user = $this->find($userId)) 
        {
            \ErrorHandler::notFound('user');
        }
        if ( ! $this->hasGroup(['Admin']))
        {
            \ErrorHandler::noPermissions();
        }
        else if (\Auth::id() == $userId)
        {
            \ErrorHandler::noPermissions();
        }
        else if ($user->groups->pluck('name')->search('Admin', true) !== false) 
        {
            \ErrorHandler::noPermissions();
        }

        $user->blocked = 1;
        $user->save();
        
        return $user;
    }

    /**
     * Unblock the user.
     *
     * @param  integer $userId
     * @return object
     */
    public function unblock($userId)
    {
        if ( ! $this->hasGroup(['Admin']))
        {
            \ErrorHandler::noPermissions();
        }

        $user          = $this->find($userId);
        $user->blocked = 0;
        $user->save();

        return $user;
    }

    /**
     * Send a reset link to the given user.
     *
     * @param  string  $email
     * @return void
     */
    public function sendReset($email)
    {
        if ( ! $user = $this->model->where('email', $email)->first())
        {
            \ErrorHandler::notFound('email');
        }

        $token = \Password::getRepository()->create($user);
        \Core::notifications()->notify($user, 'ResetPassword', $token);
    }

    /**
     * Reset the given user's password.
     *
     * @param  array  $credentials
     * @return array
     */
    public function resetPassword($credentials)
    {
        $response = \Password::reset($credentials, function ($user, $password) {
            $user->password = $password;
            $user->save();
        });

        switch ($response) {
            case \Password::PASSWORD_RESET:
                return 'success';
                
            case \Password::INVALID_TOKEN:
                \ErrorHandler::invalidResetToken('token');

            case \Password::INVALID_PASSWORD:
                \ErrorHandler::invalidResetPassword('email');

            case \Password::INVALID_USER:
                \ErrorHandler::notFound('user');

            default:
                \ErrorHandler::generalError();
        }
    }

    /**
     * Change the logged in user password.
     *
     * @param  array  $credentials
     * @return void
     */
    public function changePassword($credentials)
    {
        $user = \Auth::user();
        if ( ! \Hash::check($credentials['old_password'], $user->password)) 
        {
            \ErrorHandler::invalidOldPassword();
        }

        $user->password = $credentials['password'];
        $user->save();
    }

    /**
     * Confirm email using the confirmation code.
     *
     * @param  string $confirmationCode
     * @return void
     */
    public function confirmEmail($confirmationCode)
    {
        $user                    = $this->first(['confirmation_code' => $confirmationCode]);
        $user->confirmed         = 1;
        $user->confirmation_code = null;
        $user->save();
    }

    /**
     * Send the confirmation mail.
     *
     * @param  string $email
     * @return void
     */
    public function sendConfirmationEmail($email)
    {
        $user = $this->first(['email' => $email]);
        if ($user->confirmed) 
        {
            \ErrorHandler::emailAlreadyConfirmed();
        }

        $user->confirmed         = 0;
        $user->confirmation_code = sha1(microtime());
        $user->save();
        \Core::notifications()->notify($user, 'ConfirmEmail');
    }

    /**
     * Paginate all users in the given group based on the given conditions.
     * 
     * @param  string  $groupName
     * @param  array   $relations
     * @param  integer $perPage
     * @param  string  $sortBy
     * @param  boolean $desc
     * @return \Illuminate\Http\Response
     */
    public function group($conditions, $groupName, $relations, $perPage, $sortBy, $desc)
    {   
        unset($conditions['page']);
        $conditions = $this->constructConditions($conditions, $this->model);
        $sort       = $desc ? 'desc' : 'asc';
        $model      = call_user_func_array("{$this->getModel()}::with", array($relations));

        $model->whereHas('groups', function($q) use ($groupName){
            $q->where('name', $groupName);
        });

        
        if (count($conditions['conditionValues']))
        {
            $model->whereRaw($conditions['conditionString'], $conditions['conditionValues']);
        }

        if ($perPage) 
        {
            return $model->orderBy($sortBy, $sort)->paginate($perPage);
        }

        return $model->orderBy($sortBy, $sort)->get();
    }

    /**
     * Save the given data to the logged in user.
     *
     * @param  array $credentials
     * @return void
     */
    public function saveProfile($data) 
    {
        if (array_key_exists('profile_picture', $data)) 
        {
            $data['profile_picture'] = \Media::uploadImageBas64($data['profile_picture'], 'admins/profile_pictures');
        }
        
        $data['id'] = \Auth::id();
        $this->save($data);
    }

    /**
     * Ensure access token hasn't expired or revoked.
     * 
     * @param  string $accessToken
     * @return boolean
     */
    public function accessTokenExpiredOrRevoked($accessToken)
    {

        $accessTokenRepository = \App::make('League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface');
        $data                  = new ValidationData();
        $data->setCurrentTime(time());

        if ($accessToken->validate($data) === false || $accessTokenRepository->isAccessTokenRevoked($accessToken->getClaim('jti'))) 
        {
            return true;
        }

        return false;
    }

    /**
     * Revoke the given access token and all 
     * associated refresh tokens.
     *
     * @param  string  $accessToken
     * @return void
     */
    public function revokeAccessToken($accessToken)
    {
        \DB::table('oauth_refresh_tokens')
            ->where('access_token_id', $accessToken->id)
            ->update([
                'revoked' => true
            ]);

        $accessToken->revoke();
    }
}


1			<?php namespace App\Modules\Acl\Repositories;
2
3			use App\Modules\Core\AbstractRepositories\AbstractRepository;
4			use Lcobucci\JWT\ValidationData;
5
6			class UserRepository extends AbstractRepository
7			{
8			/**
9			* Return the model full namespace.
10			*
11			* @return string
12			*/
13			protected function getModel()
14			{
15			return 'App\Modules\Acl\AclUser';
16			}
17
18
19			/**
20			* Return the logged in user account.
21			*
22			* @param array $relations
23			* @return boolean
24			*/
25			public function account($relations = [])
26			{
27			$permissions = [];
28			$user = \Core::users()->find(\Auth::id(), $relations);
29			foreach ($user->groups()->get() as $group)
30			{
31			$group->permissions->each(function ($permission) use (&$permissions){
32			$permissions[$permission->model][$permission->id] = $permission->name;
33			});
34			}
35			$user->permissions = $permissions;
36
37			return $user;
38			}
39
40			/**
41			* Check if the logged in user or the given user
42			* has the given permissions on the given model.
43			*
44			* @param string $nameOfPermission
45			* @param string $model
46			* @param boolean $user
47			* @return boolean
48			*/
49			public function can($nameOfPermission, $model, $user = false)
50			{
51			$user = $user ?: $this->find(\Auth::id(), ['groups.permissions']);
52			$permissions = [];
53
54			$user->groups->pluck('permissions')->each(function ($permission) use (&$permissions, $model){
55			$permissions = array_merge($permissions, $permission->where('model', $model)->pluck('name')->toArray());
56			});
57
58			return in_array($nameOfPermission, $permissions);
59			}
60
61			/**
62			* Check if the logged in user has the given group.
63			*
64			* @param string $groupName
65			* @param integer $userId
66			* @return boolean
67			*/
68			public function hasGroup($groups, $user = false)
69			{
70			$user = $user ?: $this->find(\Auth::id());
71			return $user->groups->whereIn('name', $groups)->count() ? true : false;
72			}
73
74			/**
75			* Assign the given group ids to the given user.
76			*
77			* @param integer $userId
78			* @param array $group_ids
79			* @return object
80			*/
81			public function assignGroups($userId, $group_ids)
82			{
83			\DB::transaction(function () use ($userId, $group_ids) {
84			$user = $this->find($userId);
85			$user->groups()->detach();
86			$user->groups()->attach($group_ids);
87			});
88
89			return $this->find($userId);
90			}
91
92
93			/**
94			* Handle a login request to the application.
95			*
96			* @param array $credentials
97			* @param boolean $adminLogin
98			* @return object
99			*/
100			public function login($credentials, $adminLogin = false)
101			{
102			if ( ! $user = $this->first(['email' => $credentials['email']]))
103			{
104			\ErrorHandler::loginFailed();
105			}
106			else if ($adminLogin && ! $user->groups->whereIn('name', ['Admin'])->count())
107			{
108			\ErrorHandler::loginFailed();
109			}
110			else if ( ! $adminLogin && $user->groups->whereIn('name', ['Admin'])->count())
111			{
112			\ErrorHandler::loginFailed();
113			}
114			else if ($user->blocked)
115			{
116			\ErrorHandler::userIsBlocked();
117			}
118			else if ( ! config('skeleton.disable_confirm_email') && ! $user->confirmed)
119			{
120			\ErrorHandler::emailNotConfirmed();
121			}
122
123			return $user;
124			}
125
126			/**
127			* Handle a social login request of the none admin to the application.
128			*
129			* @param string $authCode
130			* @param string $accessToken
131			* @param string $type
132			* @return array
133			*/
134			public function loginSocial($authCode, $accessToken, $type)
135			{
136			$access_token = $authCode ? array_get(\Socialite::driver($type)->getAccessTokenResponse($authCode), 'access_token') : $accessToken;
137			$user = \Socialite::driver($type)->userFromToken($access_token);
138
139			if ( ! $user->email)
140			{
141			\ErrorHandler::noSocialEmail();
142			}
143
144			if ( ! $registeredUser = $this->model->where('email', $user->email)->first())
145			{
146			$this->register(['email' => $user->email, 'password' => ''], 1);
147			}
148
149			$loginProxy = \App::make('App\Modules\Acl\Proxy\LoginProxy');
150			return $loginProxy->login(['email' => $credentials['email'], 'password' => config('skeleton.social_pass']], 0);
			0 ignored issues – show Bug introduced 2018-11-27 09:02 UTC by Report Bug Copy Issue Report This code did not parse for me. Apparently, there is an error somewhere around this line: Syntax error, unexpected ']', expecting ',' or ')' Loading history...
151			}
152
153			/**
154			* Handle a registration request.
155			*
156			* @param array $credentials
157			* @param boolean $skipConfirmEmail
158			* @return array
159			*/
160			public function register($credentials, $skipConfirmEmail = false)
161			{
162			$user = $this->save($credentials);
163
164			if ($skipConfirmEmail)
165			{
166			$user->confirmed = 1;
167			$user->save();
168			}
169			else if ( ! config('skeleton.disable_confirm_email'))
170			{
171			$this->sendConfirmationEmail($user->email);
172			}
173
174			return $user;
175			}
176
177			/**
178			* Block the user.
179			*
180			* @param integer $userId
181			* @return object
182			*/
183			public function block($userId)
184			{
185			if ( ! $user = $this->find($userId))
186			{
187			\ErrorHandler::notFound('user');
188			}
189			if ( ! $this->hasGroup(['Admin']))
190			{
191			\ErrorHandler::noPermissions();
192			}
193			else if (\Auth::id() == $userId)
194			{
195			\ErrorHandler::noPermissions();
196			}
197			else if ($user->groups->pluck('name')->search('Admin', true) !== false)
198			{
199			\ErrorHandler::noPermissions();
200			}
201
202			$user->blocked = 1;
203			$user->save();
204
205			return $user;
206			}
207
208			/**
209			* Unblock the user.
210			*
211			* @param integer $userId
212			* @return object
213			*/
214			public function unblock($userId)
215			{
216			if ( ! $this->hasGroup(['Admin']))
217			{
218			\ErrorHandler::noPermissions();
219			}
220
221			$user = $this->find($userId);
222			$user->blocked = 0;
223			$user->save();
224
225			return $user;
226			}
227
228			/**
229			* Send a reset link to the given user.
230			*
231			* @param string $email
232			* @return void
233			*/
234			public function sendReset($email)
235			{
236			if ( ! $user = $this->model->where('email', $email)->first())
237			{
238			\ErrorHandler::notFound('email');
239			}
240
241			$token = \Password::getRepository()->create($user);
242			\Core::notifications()->notify($user, 'ResetPassword', $token);
243			}
244
245			/**
246			* Reset the given user's password.
247			*
248			* @param array $credentials
249			* @return array
250			*/
251			public function resetPassword($credentials)
252			{
253			$response = \Password::reset($credentials, function ($user, $password) {
254			$user->password = $password;
255			$user->save();
256			});
257
258			switch ($response) {
259			case \Password::PASSWORD_RESET:
260			return 'success';
261
262			case \Password::INVALID_TOKEN:
263			\ErrorHandler::invalidResetToken('token');
264
265			case \Password::INVALID_PASSWORD:
266			\ErrorHandler::invalidResetPassword('email');
267
268			case \Password::INVALID_USER:
269			\ErrorHandler::notFound('user');
270
271			default:
272			\ErrorHandler::generalError();
273			}
274			}
275
276			/**
277			* Change the logged in user password.
278			*
279			* @param array $credentials
280			* @return void
281			*/
282			public function changePassword($credentials)
283			{
284			$user = \Auth::user();
285			if ( ! \Hash::check($credentials['old_password'], $user->password))
286			{
287			\ErrorHandler::invalidOldPassword();
288			}
289
290			$user->password = $credentials['password'];
291			$user->save();
292			}
293
294			/**
295			* Confirm email using the confirmation code.
296			*
297			* @param string $confirmationCode
298			* @return void
299			*/
300			public function confirmEmail($confirmationCode)
301			{
302			$user = $this->first(['confirmation_code' => $confirmationCode]);
303			$user->confirmed = 1;
304			$user->confirmation_code = null;
305			$user->save();
306			}
307
308			/**
309			* Send the confirmation mail.
310			*
311			* @param string $email
312			* @return void
313			*/
314			public function sendConfirmationEmail($email)
315			{
316			$user = $this->first(['email' => $email]);
317			if ($user->confirmed)
318			{
319			\ErrorHandler::emailAlreadyConfirmed();
320			}
321
322			$user->confirmed = 0;
323			$user->confirmation_code = sha1(microtime());
324			$user->save();
325			\Core::notifications()->notify($user, 'ConfirmEmail');
326			}
327
328			/**
329			* Paginate all users in the given group based on the given conditions.
330			*
331			* @param string $groupName
332			* @param array $relations
333			* @param integer $perPage
334			* @param string $sortBy
335			* @param boolean $desc
336			* @return \Illuminate\Http\Response
337			*/
338			public function group($conditions, $groupName, $relations, $perPage, $sortBy, $desc)
339			{
340			unset($conditions['page']);
341			$conditions = $this->constructConditions($conditions, $this->model);
342			$sort = $desc ? 'desc' : 'asc';
343			$model = call_user_func_array("{$this->getModel()}::with", array($relations));
344
345			$model->whereHas('groups', function($q) use ($groupName){
346			$q->where('name', $groupName);
347			});
348
349
350			if (count($conditions['conditionValues']))
351			{
352			$model->whereRaw($conditions['conditionString'], $conditions['conditionValues']);
353			}
354
355			if ($perPage)
356			{
357			return $model->orderBy($sortBy, $sort)->paginate($perPage);
358			}
359
360			return $model->orderBy($sortBy, $sort)->get();
361			}
362
363			/**
364			* Save the given data to the logged in user.
365			*
366			* @param array $credentials
367			* @return void
368			*/
369			public function saveProfile($data)
370			{
371			if (array_key_exists('profile_picture', $data))
372			{
373			$data['profile_picture'] = \Media::uploadImageBas64($data['profile_picture'], 'admins/profile_pictures');
374			}
375
376			$data['id'] = \Auth::id();
377			$this->save($data);
378			}
379
380			/**
381			* Ensure access token hasn't expired or revoked.
382			*
383			* @param string $accessToken
384			* @return boolean
385			*/
386			public function accessTokenExpiredOrRevoked($accessToken)
387			{
388
389			$accessTokenRepository = \App::make('League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface');
390			$data = new ValidationData();
391			$data->setCurrentTime(time());
392
393			if ($accessToken->validate($data) === false \|\| $accessTokenRepository->isAccessTokenRevoked($accessToken->getClaim('jti')))
394			{
395			return true;
396			}
397
398			return false;
399			}
400
401			/**
402			* Revoke the given access token and all
403			* associated refresh tokens.
404			*
405			* @param string $accessToken
406			* @return void
407			*/
408			public function revokeAccessToken($accessToken)
409			{
410			\DB::table('oauth_refresh_tokens')
411			->where('access_token_id', $accessToken->id)
412			->update([
413			'revoked' => true
414			]);
415
416			$accessToken->revoke();
417			}
418			}
419

SherifElfadaly / Laravel-Api-Skeleton

Push — master ( ae7a17...a23113 )

UserRepository::accessTokenExpiredOrRevoked() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like