PasswordReset - Code Metrics - philiplb/CRUDlexUser - Measure and Improve Code Quality continuously with Scrutinizer

PasswordReset A
last analyzed 2019-11-06 11:25 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	124
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	1

Importance

Changes

Metric	Value
wmc	10
lcom	1
cbo	1
dl	0
loc	124
rs	10
c	0
b	0
f	0

4 Methods

Rating	Name	Size	Complexity
A	getValidPasswordReset()	15	4
A	__construct()	5	1
A	requestPasswordReset()	23	3
A	resetPassword()	17	2

<?php

/*
 * This file is part of the CRUDlexUser package.
 *
 * (c) Philip Lehmann-Böhm <[email protected]>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace CRUDlex;

use CRUDlex\UserSetup;

/**
 * This class offers some features to implement a password reset flow.
 */
class PasswordReset
{

    /**
     * Holds the user Data instance.
     */
    protected $userData;

    /**
     * Holds the password reset Data instance.
     */
    protected $passwordResetData;

    /**
     * Gets the password reset of a token but only if it is younger than 48h.
     *
     * @param string $token
     * the password reset token
     *
     * @return null|CRUDlex\Entity
     * the password reset request
     */
    protected function getValidPasswordReset($token)
    {
        $passwordResets = $this->passwordResetData->listEntries(['token' => $token]);
        if (count($passwordResets) !== 1) {
            return null;
        }
        $passwordReset = $passwordResets[0];

        $createdAt = $passwordReset->get('created_at');
        if (strtotime($createdAt.' UTC') < time() - 2 * 24 * 60 * 60 || $passwordReset->get('reset')) {
            return null;
        }

        return $passwordReset;
    }

    /**
     * Constructor.
     *
     * @param CRUDlex\Data $userData
     * the user data instance
     * @param CRUDlex\Data $passwordResetData
     * the password reset data instance
     */
    public function __construct($userData, $passwordResetData)
    {
        $this->userData = $userData;
        $this->passwordResetData = $passwordResetData;
    }

    /**
     * Creates a password reset request.
     *
     * @param string $identifyingField
     * the identifying field to grab an user, likely the email
     * @param string $identifyingValue
     * the identifying value to grab an user, likely the email
     *
     * @return null|string
     * the token of the password reset instance ready to be send to the user via
     * a secondary channel like email; might be null if the user could not be
     * identified uniquly via the given parameters: either zero or more than one
     * users were found
     */
    public function requestPasswordReset($identifyingField, $identifyingValue)
    {

        $users = $this->userData->listEntries([$identifyingField => $identifyingValue]);
        if (count($users) !== 1) {
            return null;
        }

        $user = $users[0];
        $userSetup = new UserSetup();

        do {
            $token = $userSetup->getSalt(32);
            $tokenFound = $this->passwordResetData->countBy($this->passwordResetData->getDefinition()->getTable(), ['token' => $token], ['token' => '='], true) === 0;
        } while (!$tokenFound);

        $passwordReset = $this->passwordResetData->createEmpty();
        $passwordReset->set('user', $user->get('id'));
        $passwordReset->set('token', $token);
        $this->passwordResetData->create($passwordReset);

        return $token;
    }

    /**
     * Resets the password of an user belonging to the given password reset
     * token.
     *
     * @param string $token
     * the password reset token
     * @param string $newPassword
     * the new password
     *
     * @return boolean
     * true on success, false on failure with one of this reasons:
     * - no or more than one password reset request found for this token
     * - the password request for this token is older than 48h
     * - the password request for this token has already been used
     */
    public function resetPassword($token, $newPassword)
    {
        $passwordReset = $this->getValidPasswordReset($token);
        if ($passwordReset === null) {
            return false;
        }
        $user = $passwordReset->get('user');
        $user = $this->userData->get($user['id']);
        $user->set('password', $newPassword);
        $this->userData->update($user);

        $reset = gmdate('Y-m-d H:i:s');
        $passwordReset->set('reset', $reset);
        $this->passwordResetData->update($passwordReset);

        return true;
    }

}


1			<?php
2
3			/*
4			* This file is part of the CRUDlexUser package.
5			*
6			* (c) Philip Lehmann-Böhm <[email protected]>
7			*
8			* For the full copyright and license information, please view the LICENSE
9			* file that was distributed with this source code.
10			*/
11
12			namespace CRUDlex;
13
14			use CRUDlex\UserSetup;
15
16			/**
17			* This class offers some features to implement a password reset flow.
18			*/
19			class PasswordReset
20			{
21
22			/**
23			* Holds the user Data instance.
24			*/
25			protected $userData;
26
27			/**
28			* Holds the password reset Data instance.
29			*/
30			protected $passwordResetData;
31
32			/**
33			* Gets the password reset of a token but only if it is younger than 48h.
34			*
35			* @param string $token
36			* the password reset token
37			*
38			* @return null\|CRUDlex\Entity
39			* the password reset request
40			*/
41			protected function getValidPasswordReset($token)
42			{
43			$passwordResets = $this->passwordResetData->listEntries(['token' => $token]);
44			if (count($passwordResets) !== 1) {
45			return null;
46			}
47			$passwordReset = $passwordResets[0];
48
49			$createdAt = $passwordReset->get('created_at');
50			if (strtotime($createdAt.' UTC') < time() - 2 * 24 * 60 * 60 \|\| $passwordReset->get('reset')) {
51			return null;
52			}
53
54			return $passwordReset;
55			}
56
57			/**
58			* Constructor.
59			*
60			* @param CRUDlex\Data $userData
61			* the user data instance
62			* @param CRUDlex\Data $passwordResetData
63			* the password reset data instance
64			*/
65			public function __construct($userData, $passwordResetData)
66			{
67			$this->userData = $userData;
68			$this->passwordResetData = $passwordResetData;
69			}
70
71			/**
72			* Creates a password reset request.
73			*
74			* @param string $identifyingField
75			* the identifying field to grab an user, likely the email
76			* @param string $identifyingValue
77			* the identifying value to grab an user, likely the email
78			*
79			* @return null\|string
80			* the token of the password reset instance ready to be send to the user via
81			* a secondary channel like email; might be null if the user could not be
82			* identified uniquly via the given parameters: either zero or more than one
83			* users were found
84			*/
85			public function requestPasswordReset($identifyingField, $identifyingValue)
86			{
87
88			$users = $this->userData->listEntries([$identifyingField => $identifyingValue]);
89			if (count($users) !== 1) {
90			return null;
91			}
92
93			$user = $users[0];
94			$userSetup = new UserSetup();
95
96			do {
97			$token = $userSetup->getSalt(32);
98			$tokenFound = $this->passwordResetData->countBy($this->passwordResetData->getDefinition()->getTable(), ['token' => $token], ['token' => '='], true) === 0;
99			} while (!$tokenFound);
100
101			$passwordReset = $this->passwordResetData->createEmpty();
102			$passwordReset->set('user', $user->get('id'));
103			$passwordReset->set('token', $token);
104			$this->passwordResetData->create($passwordReset);
105
106			return $token;
107			}
108
109			/**
110			* Resets the password of an user belonging to the given password reset
111			* token.
112			*
113			* @param string $token
114			* the password reset token
115			* @param string $newPassword
116			* the new password
117			*
118			* @return boolean
119			* true on success, false on failure with one of this reasons:
120			* - no or more than one password reset request found for this token
121			* - the password request for this token is older than 48h
122			* - the password request for this token has already been used
123			*/
124			public function resetPassword($token, $newPassword)
125			{
126			$passwordReset = $this->getValidPasswordReset($token);
127			if ($passwordReset === null) {
128			return false;
129			}
130			$user = $passwordReset->get('user');
131			$user = $this->userData->get($user['id']);
132			$user->set('password', $newPassword);
133			$this->userData->update($user);
134
135			$reset = gmdate('Y-m-d H:i:s');
136			$passwordReset->set('reset', $reset);
137			$this->passwordResetData->update($passwordReset);
138
139			return true;
140			}
141
142			}
143

philiplb / CRUDlexUser

PasswordReset A last analyzed 2019-11-06 11:25 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Importance

4 Methods

Duplication Side-by-Side

Filter issues like

PasswordReset A
last analyzed 2019-11-06 11:25 UTC