Completed
Pull Request — master (#38)
by Christian
02:18
created

TokenAuth::authenticate()   A

Complexity

Conditions 2
Paths 2

Size

Total Lines 6
Code Lines 4

Duplication

Lines 3
Ratio 50 %

Importance

Changes 1
Bugs 0 Features 1
Metric Value
c 1
b 0
f 1
dl 3
loc 6
rs 9.4285
cc 2
eloc 4
nc 2
nop 2
<?php

namespace Ntb\RestAPI;

/**
 * Authentication mechanism using a token in the request header. Valid tokens are saved in cache.
 * @author Christian Blank <[email protected]>
 */
class TokenAuth extends \Object implements IAuth {

    public static function authenticate($email, $password) {
        $authenticator = \Injector::inst()->get('ApiMemberAuthenticator');
        // Scrutinizer issue (duplication): This code seems to be duplicated across your project.
        // Duplicated code is one of the most pungent code smells. If you need to duplicate the same code
        // in three or more different places, we strongly encourage you to look into extracting the code
        // into a single class or operation.
        if($user = $authenticator->authenticate(['Password' => $password, 'Email' => $email])) {
            return self::createSession($user);
        }
    }

    /**
     * @param \Member $user
     * @return ApiSession
     */
    public static function createSession($user) {
        // create session
        $session = ApiSession::create();
        $session->User = $user;
        $session->Token = AuthFactory::generate_token($user);

        // save session
        $cache = \SS_Cache::factory('rest_cache');
        $cache->save(json_encode(['token' => $session->Token, 'user' => $session->User->ID]), $session->Token);

        return $session;
    }

    public static function delete($request) {
        try {
            $token = AuthFactory::get_token($request);
            $cache = \SS_Cache::factory('rest_cache');
            $cache->remove($token);
        } catch(\Exception $e) {
            \SS_Log::log($e->getMessage(), \SS_Log::INFO);
        }
    }

    // Scrutinizer issue (duplication): This method seems to be duplicated in your project.
    public static function current($request) {
        try {
            $token = AuthFactory::get_token($request);
            return self::get_member_from_token($token);
        } catch(\Exception $e) {
            \SS_Log::log($e->getMessage(), \SS_Log::INFO);
        }
        return false;
    }

    // Scrutinizer issue (documentation): Should the return type not be \Member|null?
    // This check compares the return type specified in the @return annotation of a function or method
    // doc comment with the types returned by the function and raises an issue if they mismatch.
    /**
     *
     *
     * @param string $token
     * @throws RestUserException
     * @return \Member
     */
    private static function get_member_from_token($token) {
        $cache = \SS_Cache::factory('rest_cache');
        if($data = $cache->load($token)) {
            $data = json_decode($data, true);
            $id = (int)$data['user'];
            $user = \DataObject::get(\Config::inst()->get('BaseRestController', 'Owner'))->byID($id);
            if(!$user) {
                throw new RestUserException("Owner not found in database", 404);
            }
            return $user;
        // Scrutinizer issue (duplication): This code seems to be duplicated across your project.
        // Strict comparison: with ==, PHP type juggling can treat distinct values as equal
        // (for example null and "", or numeric-looking strings such as "0e1" and "0e2").
        } else if(\Director::isDev() && $token === \Config::inst()->get('TokenAuth', 'DevToken')) {
            return \DataObject::get(\Config::inst()->get('BaseRestController', 'Owner'))->first();
        }
        throw new RestUserException("Owner not found in database", 404);
    }

}