User::check2facode() - Code Metrics - Inspection of "Adding 2FA for webtrees attempt #2" - fisharebest/webtrees - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Pull Request — main (#5039)

by Bernard

created 2024-11-25 19:38 UTC

User::check2facode() A

↳ Parent: User

Complexity

Conditions	2
Paths	2

Size

Total Lines	13
Code Lines	10

Duplication

Lines	0
Ratio	0 %

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
cc	2
eloc	10
c	2
b	0
f	0
nc	2
nop	1
dl	0
loc	13
rs	9.9332

<?php

/**
 * webtrees: online genealogy
 * Copyright (C) 2023 webtrees development team
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace Fisharebest\Webtrees;

use Closure;
use Fisharebest\Webtrees\Contracts\UserInterface;
filter:
    dependency_paths: ["lib/*"]
use PragmaRX\Google2FA\Google2FA;
use chillerlan\QRCode\QRCode;

use function is_string;

/**
 * Provide an interface to the wt_user table.
 */
class User implements UserInterface
{
    private int $user_id;

    private string $user_name;

    private string $real_name;

    private string $email;

    /** @var array<string,string> */
    private array $preferences;

    /**
     * @param int    $user_id
     * @param string $user_name
     * @param string $real_name
     * @param string $email
     */
    public function __construct(int $user_id, string $user_name, string $real_name, string $email)
    {
        $this->user_id   = $user_id;
        $this->user_name = $user_name;
        $this->real_name = $real_name;
        $this->email     = $email;

        $this->preferences = DB::table('user_setting')

            ->where('user_id', '=', $this->user_id)
            ->pluck('setting_value', 'setting_name')
            ->all();
    }

    /**
     * The user‘s internal identifier.
     *
     * @return int
     */
    public function id(): int
    {
        return $this->user_id;
    }

    /**
     * The users email address.
     *
     * @return string
     */
    public function email(): string
    {
        return $this->email;
    }

    /**
     * Set the email address of this user.
     *
     * @param string $email
     *
     * @return User
     */
    public function setEmail(string $email): User
    {
        if ($this->email !== $email) {
            $this->email = $email;

            DB::table('user')
                ->where('user_id', '=', $this->user_id)
                ->update([
                    'email' => $email,
                ]);
        }

        return $this;
    }

    /**
     * The user‘s real name.
     *
     * @return string
     */
    public function realName(): string
    {
        return $this->real_name;
    }
    /**
     * Generate a QR code image based on 2FA secret and return both.
     *
     * @return array<string, mixed>
     */

    public function genQRcode(): array
    {
        $qrinfo = array();
        $google2fa = new Google2FA();
        $qrinfo['secret'] = $google2fa->generateSecretKey();
        $servername = $_SERVER['SERVER_NAME'];
        settype($servername, "string");
        $data = 'otpauth://totp/' . $this->user_id . '?secret=' . $qrinfo['secret'] . '&issuer=' . $servername;
        $qrcode = new QRCode();
        $qrinfo['qrcode'] = $qrcode->render($data);
        return $qrinfo;
    }

    /**
     * Set the real name of this user.
     *
     * @param string $real_name
     *
     * @return User
     */
    public function setRealName(string $real_name): User
    {
        if ($this->real_name !== $real_name) {
            $this->real_name = $real_name;

            DB::table('user')
                ->where('user_id', '=', $this->user_id)
                ->update([
                    'real_name' => $real_name,
                ]);
        }

        return $this;
    }

    /**
     * The user‘s login name.
     *
     * @return string
     */
    public function userName(): string
    {
        return $this->user_name;
    }

    /**
     * Set the login name for this user.
     *
     * @param string $user_name
     *
     * @return self
     */
    public function setUserName(string $user_name): self
    {
        if ($this->user_name !== $user_name) {
            $this->user_name = $user_name;

            DB::table('user')
                ->where('user_id', '=', $this->user_id)
                ->update([
                    'user_name' => $user_name,
                ]);
        }

        return $this;
    }

    /**
     * Fetch a user option/setting from the wt_user_setting table.
     * Since we'll fetch several settings for each user, and since there aren't
     * that many of them, fetch them all in one database query
     *
     * @param string $setting_name
     * @param string $default
     *
     * @return string
     */
    public function getPreference(string $setting_name, string $default = ''): string
    {
        return $this->preferences[$setting_name] ?? $default;
    }

    /**
     * Update a setting for the user.
     *
     * @param string $setting_name
     * @param string $setting_value
     *
     * @return void
     */
    public function setPreference(string $setting_name, string $setting_value): void
    {
        if ($this->getPreference($setting_name) !== $setting_value) {
            DB::table('user_setting')->updateOrInsert([
                'user_id'      => $this->user_id,
                'setting_name' => $setting_name,
            ], [
                'setting_value' => $setting_value,
            ]);

            $this->preferences[$setting_name] = $setting_value;
        }
    }

    /**
     * Set the password of this user.
     *
     * @param string $password
     *
     * @return User
     */
    public function setPassword(#[\SensitiveParameter] string $password): User
    {
        DB::table('user')
            ->where('user_id', '=', $this->user_id)
            ->update([
                'password' => password_hash($password, PASSWORD_DEFAULT),
            ]);

        return $this;
    }

    /**
     * Validate a supplied password
     *
     * @param string $password
     *
     * @return bool
     */
    public function checkPassword(#[\SensitiveParameter] string $password): bool
    {
        $password_hash = DB::table('user')
            ->where('user_id', '=', $this->id())
            ->value('password');

        if (is_string($password_hash) && password_verify($password, $password_hash)) {
            if (password_needs_rehash($password_hash, PASSWORD_DEFAULT)) {
                $this->setPassword($password);
            }

            return true;
        }

        return false;
    }
    /**
     * Set the Secret of this user.
     *
     * @param string $secret
     *
     * @return User
     */
    public function setSecret(#[\SensitiveParameter] string $secret): User
    {
        DB::table('user')
            ->where('user_id', '=', $this->user_id)
            ->update([
                'secret' => $secret,
            ]);

        return $this;
    }

    /**
     * Validate a supplied 2fa code
     *
     * @param string $code2fa
     *
     * @return bool
     */
    public function check2facode(string $code2fa): bool
    {
        $secret = DB::table('user')
             ->where('user_id', '=', $this->id())
             ->value('secret');
        settype($secret, "string");
        $google2fa = new Google2FA();
        $googleverifystatus = $google2fa->verifyKey($secret, $code2fa);
        settype($googleverifystatus, "bool");
        if ($googleverifystatus) {
            return true;
        }
        return false;
    }

    /**
     * A closure which will create an object from a database row.
     *
     * @return Closure(object):User
     */
    public static function rowMapper(): Closure
    {
        return static fn (object $row): User => new self((int) $row->user_id, $row->user_name, $row->real_name, $row->email);
    }
}


1			<?php
2
3			/**
4			* webtrees: online genealogy
5			* Copyright (C) 2023 webtrees development team
6			* This program is free software: you can redistribute it and/or modify
7			* it under the terms of the GNU General Public License as published by
8			* the Free Software Foundation, either version 3 of the License, or
9			* (at your option) any later version.
10			* This program is distributed in the hope that it will be useful,
11			* but WITHOUT ANY WARRANTY; without even the implied warranty of
12			* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13			* GNU General Public License for more details.
14			* You should have received a copy of the GNU General Public License
15			* along with this program. If not, see <https://www.gnu.org/licenses/>.
16			*/
17
18			declare(strict_types=1);
19
20			namespace Fisharebest\Webtrees;
21
22			use Closure;
23			use Fisharebest\Webtrees\Contracts\UserInterface;
			0 ignored issues – show Bug introduced 2024-11-23 00:11 UTC by Report Bug Copy Issue Report The type `Fisharebest\Webtrees\Contracts\UserInterface` was not found. Maybe you did not declare it correctly or list all dependencies? The issue could also be caused by a filter entry in the build configuration. If the path has been excluded in your configuration, e.g. `excluded_paths: ["lib/"]`, you can move it to the dependency path list as follows: filter: dependency_paths: ["lib/"] For further information see https://scrutinizer-ci.com/docs/tools/php/php-scrutinizer/#list-dependency-paths Loading history...
24			use PragmaRX\Google2FA\Google2FA;
25			use chillerlan\QRCode\QRCode;
26
27			use function is_string;
28
29			/**
30			* Provide an interface to the wt_user table.
31			*/
32			class User implements UserInterface
33			{
34			private int $user_id;
35
36			private string $user_name;
37
38			private string $real_name;
39
40			private string $email;
41
42			/** @var array<string,string> */
43			private array $preferences;
44
45			/**
46			* @param int $user_id
47			* @param string $user_name
48			* @param string $real_name
49			* @param string $email
50			*/
51			public function __construct(int $user_id, string $user_name, string $real_name, string $email)
52			{
53			$this->user_id = $user_id;
54			$this->user_name = $user_name;
55			$this->real_name = $real_name;
56			$this->email = $email;
57
58			$this->preferences = DB::table('user_setting')
			0 ignored issues – show Bug introduced 2024-11-23 00:11 UTC by Report Bug Copy Issue Report The type `Fisharebest\Webtrees\DB` was not found. Did you mean `DB`? If so, make sure to prefix the type with `\`. Loading history...
59			->where('user_id', '=', $this->user_id)
60			->pluck('setting_value', 'setting_name')
61			->all();
62			}
63
64			/**
65			* The user‘s internal identifier.
66			*
67			* @return int
68			*/
69			public function id(): int
70			{
71			return $this->user_id;
72			}
73
74			/**
75			* The users email address.
76			*
77			* @return string
78			*/
79			public function email(): string
80			{
81			return $this->email;
82			}
83
84			/**
85			* Set the email address of this user.
86			*
87			* @param string $email
88			*
89			* @return User
90			*/
91			public function setEmail(string $email): User
92			{
93			if ($this->email !== $email) {
94			$this->email = $email;
95
96			DB::table('user')
97			->where('user_id', '=', $this->user_id)
98			->update([
99			'email' => $email,
100			]);
101			}
102
103			return $this;
104			}
105
106			/**
107			* The user‘s real name.
108			*
109			* @return string
110			*/
111			public function realName(): string
112			{
113			return $this->real_name;
114			}
115			/**
116			* Generate a QR code image based on 2FA secret and return both.
117			*
118			* @return array<string, mixed>
119			*/
120
121			public function genQRcode(): array
122			{
123			$qrinfo = array();
124			$google2fa = new Google2FA();
125			$qrinfo['secret'] = $google2fa->generateSecretKey();
126			$servername = $_SERVER['SERVER_NAME'];
127			settype($servername, "string");
128			$data = 'otpauth://totp/' . $this->user_id . '?secret=' . $qrinfo['secret'] . '&issuer=' . $servername;
129			$qrcode = new QRCode();
130			$qrinfo['qrcode'] = $qrcode->render($data);
131			return $qrinfo;
132			}
133
134			/**
135			* Set the real name of this user.
136			*
137			* @param string $real_name
138			*
139			* @return User
140			*/
141			public function setRealName(string $real_name): User
142			{
143			if ($this->real_name !== $real_name) {
144			$this->real_name = $real_name;
145
146			DB::table('user')
147			->where('user_id', '=', $this->user_id)
148			->update([
149			'real_name' => $real_name,
150			]);
151			}
152
153			return $this;
154			}
155
156			/**
157			* The user‘s login name.
158			*
159			* @return string
160			*/
161			public function userName(): string
162			{
163			return $this->user_name;
164			}
165
166			/**
167			* Set the login name for this user.
168			*
169			* @param string $user_name
170			*
171			* @return self
172			*/
173			public function setUserName(string $user_name): self
174			{
175			if ($this->user_name !== $user_name) {
176			$this->user_name = $user_name;
177
178			DB::table('user')
179			->where('user_id', '=', $this->user_id)
180			->update([
181			'user_name' => $user_name,
182			]);
183			}
184
185			return $this;
186			}
187
188			/**
189			* Fetch a user option/setting from the wt_user_setting table.
190			* Since we'll fetch several settings for each user, and since there aren't
191			* that many of them, fetch them all in one database query
192			*
193			* @param string $setting_name
194			* @param string $default
195			*
196			* @return string
197			*/
198			public function getPreference(string $setting_name, string $default = ''): string
199			{
200			return $this->preferences[$setting_name] ?? $default;
201			}
202
203			/**
204			* Update a setting for the user.
205			*
206			* @param string $setting_name
207			* @param string $setting_value
208			*
209			* @return void
210			*/
211			public function setPreference(string $setting_name, string $setting_value): void
212			{
213			if ($this->getPreference($setting_name) !== $setting_value) {
214			DB::table('user_setting')->updateOrInsert([
215			'user_id' => $this->user_id,
216			'setting_name' => $setting_name,
217			], [
218			'setting_value' => $setting_value,
219			]);
220
221			$this->preferences[$setting_name] = $setting_value;
222			}
223			}
224
225			/**
226			* Set the password of this user.
227			*
228			* @param string $password
229			*
230			* @return User
231			*/
232			public function setPassword(#[\SensitiveParameter] string $password): User
233			{
234			DB::table('user')
235			->where('user_id', '=', $this->user_id)
236			->update([
237			'password' => password_hash($password, PASSWORD_DEFAULT),
238			]);
239
240			return $this;
241			}
242
243			/**
244			* Validate a supplied password
245			*
246			* @param string $password
247			*
248			* @return bool
249			*/
250			public function checkPassword(#[\SensitiveParameter] string $password): bool
251			{
252			$password_hash = DB::table('user')
253			->where('user_id', '=', $this->id())
254			->value('password');
255
256			if (is_string($password_hash) && password_verify($password, $password_hash)) {
257			if (password_needs_rehash($password_hash, PASSWORD_DEFAULT)) {
258			$this->setPassword($password);
259			}
260
261			return true;
262			}
263
264			return false;
265			}
266			/**
267			* Set the Secret of this user.
268			*
269			* @param string $secret
270			*
271			* @return User
272			*/
273			public function setSecret(#[\SensitiveParameter] string $secret): User
274			{
275			DB::table('user')
276			->where('user_id', '=', $this->user_id)
277			->update([
278			'secret' => $secret,
279			]);
280
281			return $this;
282			}
283
284			/**
285			* Validate a supplied 2fa code
286			*
287			* @param string $code2fa
288			*
289			* @return bool
290			*/
291			public function check2facode(string $code2fa): bool
292			{
293			$secret = DB::table('user')
294			->where('user_id', '=', $this->id())
295			->value('secret');
296			settype($secret, "string");
297			$google2fa = new Google2FA();
298			$googleverifystatus = $google2fa->verifyKey($secret, $code2fa);
299			settype($googleverifystatus, "bool");
300			if ($googleverifystatus) {
301			return true;
302			}
303			return false;
304			}
305
306			/**
307			* A closure which will create an object from a database row.
308			*
309			* @return Closure(object):User
310			*/
311			public static function rowMapper(): Closure
312			{
313			return static fn (object $row): User => new self((int) $row->user_id, $row->user_name, $row->real_name, $row->email);
314			}
315			}
316

fisharebest / webtrees

Pull Request — main (#5039)

User::check2facode() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like