<?php
declare(strict_types=1);
namespace App\Handler;
use App\Security\UserProviderInterface;
use App\Service\Exception\TokenValidationExceptionInterface;
use App\Service\TokenManager;
use Fig\Http\Message\StatusCodeInterface;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Zend\Diactoros\Response\JsonResponse;
use Zend\Diactoros\Response\TextResponse;
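class ApiAuthTokenHandler implements RequestHandlerInterface
{
    /**
     * Lifetime of a freshly issued access token, in seconds.
     */
    private const TOKEN_LIFETIME_SECONDS = 3600;

    /**
     * One failure reason for both "unknown e-mail" and "wrong password", so the
     * login response cannot be used to tell registered addresses from unknown ones.
     */
    private const REASON_INVALID_CREDENTIALS = 'Invalid credentials';

    /**
     * @var UserProviderInterface
     */
    private $userProvider;

    /**
     * @var TokenManager
     */
    private $tokenManager;

    /**
     * @param UserProviderInterface $userProvider Looks users up by e-mail address.
     * @param TokenManager          $tokenManager Issues and validates API tokens.
     */
    public function __construct(UserProviderInterface $userProvider, TokenManager $tokenManager)
    {
        $this->userProvider = $userProvider;
        $this->tokenManager = $tokenManager;
    }

    /**
     * Dispatches on the routed "action" request attribute: "token" issues a
     * token, "validate" checks one, anything else (including the "index"
     * default) is answered with a plain-text 404.
     */
    public function handle(ServerRequestInterface $request): ResponseInterface
    {
        $action = $request->getAttribute('action', 'index');

        switch ($action) {
            case 'token':
                return $this->loginAction($request);
            case 'validate':
                return $this->validateAction($request);
            default:
                return (new TextResponse('Not found'))
                    ->withStatus(StatusCodeInterface::STATUS_NOT_FOUND);
        }
    }

    /**
     * Validates the token sent in the POST body field "token".
     *
     * @return ResponseInterface 200 with {valid: true, data: {user_id, expires_at}}
     *                           when the token is accepted; otherwise {valid: false,
     *                           reason} with the status the validation exception
     *                           carries, or 401 for any other error
     *
     * @throws \RuntimeException when the request method is not POST
     */
    public function validateAction(ServerRequestInterface $request): ResponseInterface
    {
        $this->assertPost($request);

        $tokenString = self::bodyString($request, 'token');

        try {
            $token = $this->tokenManager->getValidatedToken($tokenString);

            return (new JsonResponse([
                'valid' => true,
                'data'  => [
                    'user_id'    => $token->getClaim('user_id'),
                    'expires_at' => $token->getClaim('exp'),
                ],
            ]))->withStatus(StatusCodeInterface::STATUS_OK);
        } catch (TokenValidationExceptionInterface $e) {
            return (new JsonResponse([
                'valid'  => false,
                'reason' => $e->getReason(),
            ]))->withStatus($e->getStatusCode());
        } catch (\Throwable $e) {
            // Anything unexpected is reported as a generic rejection so that no
            // internal detail reaches the client. The error itself is dropped
            // here; wire in a logger before relying on this path in production.
            return (new JsonResponse([
                'valid'  => false,
                'reason' => 'Unknown reason',
            ]))->withStatus(StatusCodeInterface::STATUS_UNAUTHORIZED);
        }
    }

    /**
     * Issues an access token for the credentials in the POST body fields
     * "email" and "password".
     *
     * @return ResponseInterface 200 with {access_token, token_type} on success;
     *                           400 when either field is missing or blank;
     *                           401 with a single generic reason otherwise
     *
     * @throws \RuntimeException when the request method is not POST
     */
    public function loginAction(ServerRequestInterface $request): ResponseInterface
    {
        $this->assertPost($request);

        // Surrounding whitespace is stripped from both fields, as before; this
        // also alters passwords that legitimately start or end with a space.
        $email    = trim(self::bodyString($request, 'email'));
        $password = trim(self::bodyString($request, 'password'));

        if ($email === '' || $password === '') {
            return (new JsonResponse([
                'success' => false,
                'reason'  => 'Missing parameter',
            ]))->withStatus(StatusCodeInterface::STATUS_BAD_REQUEST);
        }

        $user = $this->userProvider->getUserByEmail($email);

        // Unknown address and wrong password get the same answer. A lookup miss
        // still returns without a comparison, so response timing may differ;
        // compare against a dummy value in that branch if that matters here.
        if ($user === null || !$this->passwordMatches($user->getDetail('password'), $password)) {
            return (new JsonResponse([
                'success' => false,
                'reason'  => self::REASON_INVALID_CREDENTIALS,
            ]))->withStatus(StatusCodeInterface::STATUS_UNAUTHORIZED);
        }

        $token = $this->tokenManager->createNewToken([
            'user_id' => $user->getIdentity(),
            'email'   => $email,
        ], self::TOKEN_LIFETIME_SECONDS);

        return new JsonResponse([
            'access_token' => (string) $token,
            'token_type'   => 'api_auth',
        ]);
    }

    /**
     * Compares the stored credential with the submitted password in constant time.
     *
     * NOTE(review): the stored value is compared literally, which only works
     * while the provider keeps passwords in clear text — confirm the storage
     * format and, if it is (or can become) a hash, switch to password_verify().
     *
     * @param mixed $stored whatever getDetail('password') returned; non-strings never match
     */
    private function passwordMatches($stored, string $submitted): bool
    {
        if (!\is_string($stored)) {
            return false;
        }

        return hash_equals($stored, $submitted);
    }

    /**
     * Rejects anything but POST, the only method both actions accept.
     *
     * @throws \RuntimeException for every other method (message kept from the original)
     */
    private function assertPost(ServerRequestInterface $request): void
    {
        if ($request->getMethod() !== 'POST') {
            throw new \RuntimeException('TODO - Handle error your way ;)');
        }
    }

    /**
     * Reads one string field from the parsed request body.
     *
     * Returns '' when the body is not an array, the field is absent, or its
     * value is not a string, so callers never hand a non-string to trim() or
     * to the token manager.
     */
    private static function bodyString(ServerRequestInterface $request, string $key): string
    {
        $body = $request->getParsedBody();

        if (!\is_array($body) || !isset($body[$key]) || !\is_string($body[$key])) {
            return '';
        }

        return $body[$key];
    }
}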