Completed
Push — master ( 8ea8de...59eb2e )
by Charles
01:52
created

AuthenticationAction::getAccessTokenFromHeader()   B

Complexity

Conditions 5
Paths 3

Size

Total Lines 29
Code Lines 14

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 29
rs 8.439
c 0
b 0
f 0
cc 5
eloc 14
nc 3
nop 0
<?php
namespace yrc\actions;
use app\forms\Login;
use app\models\Token;
use yrc\rest\Action as RestAction;
use yii\web\UnauthorizedHttpException;
use Yii;
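/**
 * @class AuthenticationAction
 * Handles Authentication and Deauthentication of users
 *
 * POST exchanges the credentials in the request body for a token; DELETE
 * removes the token named in the Authorization header.
 */
class AuthenticationAction extends RestAction
{
    /**
     * Authenticates a user using their username and password
     *
     * The request body is loaded into the Login form, and the credential
     * check itself is delegated to Login::authenticate().
     *
     * @param mixed $params Not used by this method
     * @return mixed The token's auth response on success, false when the form could not be loaded
     * @throws UnauthorizedHttpException When authenticate() returns false
     */
    public function post($params)
    {
        $model = new Login;

        if (!$model->load(['Login' => Yii::$app->request->post()])) {
            // load() reported that nothing was populated; the caller gets
            // false rather than an HTTP error.
            return false;
        }

        $token = $model->authenticate();

        if ($token === false) {
            // The message is the same for every failed attempt.
            // NOTE(review): exitStatus is surfaced to the client as the
            // exception code; confirm the values it can take do not let a
            // client tell an unknown username from a wrong password.
            throw new UnauthorizedHttpException('The credentials you provided are not valid', $model->exitStatus);
        }

        return $token->getAuthResponse();
    }

    /**
     * Deauthenticates a user
     *
     * Deletes the token named in the Authorization header.
     *
     * @param mixed $params Not used by this method
     * @return mixed True when the token's delete() call reports success
     * @throws UnauthorizedHttpException When the header does not name a usable token
     */
    public function delete($params)
    {
        $token = self::getAccessTokenFromHeader();
        return (bool)$token->delete();
    }

    /**
     * Helper method to grab the User Token object from the header
     *
     * Expects an Authorization header of the form "HMAC <field>,<field>,...".
     * Only the first comma-separated field, the access token, is read here;
     * the remaining fields are not inspected by this method.
     *
     * @return Token The unexpired token matching the header and the current user
     * @throws UnauthorizedHttpException When the header is missing or malformed,
     *         carries an empty access token, or names a token that is unknown,
     *         expired, or not bound to the current user
     */
    public static function getAccessTokenFromHeader()
    {
        // Grab the authentication header
        $authHeader = Yii::$app->request->getHeaders()->get('Authorization');

        // Header isn't present, or doesn't use the HMAC scheme
        if ($authHeader === null || !preg_match('/^HMAC\s+(.*?)$/', $authHeader, $matches)) {
            throw new UnauthorizedHttpException;
        }

        // Pull the accessToken from the Authorization header string
        $data = explode(',', trim($matches[1]));
        $accessToken = $data[0];

        // An empty token can never identify a session, so reject it before
        // it reaches the database as a lookup key.
        if ($accessToken === '') {
            throw new UnauthorizedHttpException;
        }

        // Retrieve the token object. The lookup is bound to the current user,
        // so a token issued to a different user does not match.
        // NOTE(review): when no identity is attached to the request,
        // Yii::$app->user->id is null and this condition becomes
        // "user_id IS NULL"; confirm this method only runs after
        // authentication, or that no token row has a null user_id.
        // NOTE(review): nothing here verifies a signature; presumably the
        // auth filter does that before this is reached. Verify.
        $token = Token::find()
            ->where([
                'access_token' => $accessToken,
                'user_id'      => Yii::$app->user->id
            ])
            ->one();

        // Unknown or expired token
        if ($token === null || $token->isExpired()) {
            throw new UnauthorizedHttpException;
        }

        return $token;
    }
}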