AlternC/lib/Alternc/Api/Token.php

<?php

/**
 * Standard Token object for the AlternC API
 * 
 */
class Alternc_Api_Token {

    const ERR_DATABASE_ERROR = 112001;
    const ERR_INVALID_ARGUMENT = 112002;
    const ERR_MISSING_ARGUMENT = 112003;
    const ERR_INVALID_TOKEN = 112004;

    /**
     * AlternC User-Id
     *
     * @var int
     */
    public $uid;

    /**
     * Is this an admin account ? 
     * 
     * @var boolean
     */
    public $isAdmin;

    /**
     * The Token itself
     * 
     * @var string
     */
    public $token;

    /**
     * how long (seconds) is a token valid
     *
     * @var int
     */
    public $tokenDuration = 2678400; // default is a month

    /**
     * initialize a token object
     * @param options any of the public above
     *   may contain a dbAdapter, in that case create() will be available
     */

    public function __construct($options = array()) {

        if (isset($options["uid"]) && is_int($options["uid"]))
            $this->uid = $options["uid"];

        if (isset($options["isAdmin"]) && is_bool($options["isAdmin"]))
            $this->isAdmin = $options["isAdmin"];
    }

    /**
     * Formats response to json
     * 
     * @return string
     */
    public function toJson() {
        return json_encode(
                array("uid" => $this->uid,
                    "isAdmin" => $this->isAdmin,
                    "token" => $this->token)
        );
    }

    /**
     * Create a new token in the DB for the associated user/admin
     * 
     * @return string the token (32 chars)
     */
    public static function tokenGenerate($options, $db) {
        if (!($db instanceof PDO)) {
            throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
        }
        if (!isset($options["uid"]) || !isset($options["isAdmin"])) {
            throw new \Exception("Missing Arguments (uid,isAdmin)", self::ERR_MISSING_ARGUMENT);
        }

        $token = new Alternc_Api_Token($options);

        do {
            $token->token = $token->tokenRandom();
            $stmt = $db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");
            $stmt->execute(array($token->token, $token->tokenDuration, $token->toJson()));
            $rows = $stmt->rowCount();
        } while ($rows == 0); // prevent collisions

        return $token;
    }

    /**
     * Check and return a token
     * @param $token string a 32-chars token
     * @param $db PDO a PDO object for token table access
     * 
     * @return Alternc_Api_Token object or NULL
     */
    public static function tokenGet($token, $db) {
        if (!($db instanceof PDO)) {
            throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
        }
        if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#", $token)) {
            return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
        }
        $stmt = $db->prepare("SELECT * FROM token WHERE token=?");
        $stmt->execute(array($token));
        if ($tok = $stmt->fetch(PDO::FETCH_OBJ)) {
            return new Alternc_Api_Token(json_decode($tok->data, true));
        }
        return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
    }

    /**
     * Generate a new random token
     * @return string
     */
    public function tokenRandom() {
        $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        $s = "";
        for ($i = 0; $i < 32; $i++)
            $s.=substr($chars, mt_rand(0, 61), 1);
        return $s;
    }

}

// class Alternc_Api_Response
[enh] Importing API and SSL from branches 2015-05-07 15:29:43 +00:00			`<?php`

			`/**`
			`* Standard Token object for the AlternC API`
			`*`
			`*/`
			`class Alternc_Api_Token {`

			`const ERR_DATABASE_ERROR = 112001;`
			`const ERR_INVALID_ARGUMENT = 112002;`
			`const ERR_MISSING_ARGUMENT = 112003;`
			`const ERR_INVALID_TOKEN = 112004;`

			`/**`
			`* AlternC User-Id`
			`*`
			`* @var int`
			`*/`
			`public $uid;`

			`/**`
			`* Is this an admin account ?`
			`*`
			`* @var boolean`
			`*/`
			`public $isAdmin;`

			`/**`
			`* The Token itself`
			`*`
			`* @var string`
			`*/`
			`public $token;`

			`/**`
			`* how long (seconds) is a token valid`
			`*`
			`* @var int`
			`*/`
			`public $tokenDuration = 2678400; // default is a month`

			`/**`
			`* initialize a token object`
			`* @param options any of the public above`
			`* may contain a dbAdapter, in that case create() will be available`
			`*/`

			`public function __construct($options = array()) {`

			`if (isset($options["uid"]) && is_int($options["uid"]))`
			`$this->uid = $options["uid"];`

			`if (isset($options["isAdmin"]) && is_bool($options["isAdmin"]))`
			`$this->isAdmin = $options["isAdmin"];`
			`}`

			`/**`
			`* Formats response to json`
			`*`
			`* @return string`
			`*/`
			`public function toJson() {`
			`return json_encode(`
			`array("uid" => $this->uid,`
			`"isAdmin" => $this->isAdmin,`
			`"token" => $this->token)`
			`);`
			`}`

			`/**`
			`* Create a new token in the DB for the associated user/admin`
			`*`
			`* @return string the token (32 chars)`
			`*/`
			`public static function tokenGenerate($options, $db) {`
			`if (!($db instanceof PDO)) {`
			`throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);`
			`}`
			`if (!isset($options["uid"]) \|\| !isset($options["isAdmin"])) {`
			`throw new \Exception("Missing Arguments (uid,isAdmin)", self::ERR_MISSING_ARGUMENT);`
			`}`

			`$token = new Alternc_Api_Token($options);`

			`do {`
			`$token->token = $token->tokenRandom();`
			`$stmt = $db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");`
			`$stmt->execute(array($token->token, $token->tokenDuration, $token->toJson()));`
			`$rows = $stmt->rowCount();`
			`} while ($rows == 0); // prevent collisions`

			`return $token;`
			`}`

			`/**`
			`* Check and return a token`
			`* @param $token string a 32-chars token`
			`* @param $db PDO a PDO object for token table access`
			`*`
			`* @return Alternc_Api_Token object or NULL`
			`*/`
			`public static function tokenGet($token, $db) {`
			`if (!($db instanceof PDO)) {`
			`throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);`
			`}`
			`if (!is_string($token) \|\| !preg_match("#^[a-zA-Z0-9]{32}$#", $token)) {`
			`return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));`
			`}`
			`$stmt = $db->prepare("SELECT * FROM token WHERE token=?");`
			`$stmt->execute(array($token));`
			`if ($tok = $stmt->fetch(PDO::FETCH_OBJ)) {`
			`return new Alternc_Api_Token(json_decode($tok->data, true));`
			`}`
			`return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));`
			`}`

			`/**`
			`* Generate a new random token`
			`* @return string`
			`*/`
			`public function tokenRandom() {`
			`$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";`
			`$s = "";`
			`for ($i = 0; $i < 32; $i++)`
same random system everywhere : mt_rand() 2016-05-22 15:40:57 +00:00			`$s.=substr($chars, mt_rand(0, 61), 1);`
[enh] Importing API and SSL from branches 2015-05-07 15:29:43 +00:00			`return $s;`
			`}`

			`}`

			`// class Alternc_Api_Response`