DatabaseTokensRepository.php

<?php


namespace Source\Gateways\Tokens;

use Carbon\Carbon;
use Source\Entities\Token;
use Illuminate\Support\Str;
use Source\Sanitize\CastsTo;
use Source\Entities\RawToken;
use Illuminate\Support\Facades\Log;
use Source\Entities\HashedSearchable;
use Source\Gateways\PostgresSQLCodes;
use Illuminate\Database\QueryException;
use Illuminate\Database\Eloquent\Builder;
use Source\Exceptions\EntityNotFoundException;

class DatabaseTokensRepository implements TokensRepository
{
    use CastsTo;

    /**
     * @param \App\Token             $dbToken
     * @param \Source\Entities\Token $token
     * @throws \Source\Exceptions\EntityNotFoundException
     */
    protected function saveToken(\App\Token $dbToken, Token $token): void
    {
        $dbToken->setAttribute('name', $token->getName());
        $dbToken->setAttribute('user_id', $token->getUserId());
        $dbToken->setAttribute('api_token', $token->getToken()->getHash());
        $dbToken->setAttribute('expires_at', $token->getExpiresAt());

        try {
            $dbToken->save();
        } catch (QueryException $e) {
            if ($e->getCode() === PostgresSQLCodes::FOREIGN_KEY_VIOLATION) {
                throw new EntityNotFoundException('Cannot save token for non existent user');
            }

            Log::error('Cannot save token: ' . $e);

            throw $e;
        }
    }

    /**
     * @inheritDoc
     */
    public function create(Token $token): Token
    {
        $dbToken = new \App\Token();

        $this->saveToken($dbToken, $token);

        return self::dbTokenToToken($dbToken);
    }

    /**
     * @inheritDoc
     */
    public function createLoginToken(string $userId, string $salt): RawToken
    {
        $raw = self::generateTokenString();
        return new RawToken($raw, $this->create(new Token(
            0,
            $userId,
            HashedSearchable::hash($salt, $raw),
            null,
            Carbon::now()->addDay()
        )));
    }

    /**
     * @inheritDoc
     */
    public function update(string $tokenId, Token $token): Token
    {
        /** @var \App\Token|null $dbToken */
        $dbToken = \App\Token::query()->find(self::castToInt($tokenId));

        if (!$dbToken) {
            throw new EntityNotFoundException('Token with id "' . $tokenId . '" not found.');
        }

        $this->saveToken($dbToken, $token);

        return self::dbTokenToToken($dbToken);
    }

    /**
     * @inheritDoc
     */
    public function get(string $tokenId): ?Token
    {
        /** @var \App\Token|null $token */
        $token = \App\Token::query()->find(self::castToInt($tokenId));

        if (!$token) {
            return null;
        }

        return self::dbTokenToToken($token);
    }

    /**
     * @param \App\Token $token
     * @return \Source\Entities\Token
     */
    protected static function dbTokenToToken(\App\Token $token): Token
    {
        return new Token(
            $token->getAttribute('id'),
            $token->getAttribute('user_id'),
            new HashedSearchable($token->getAttribute('api_token')),
            $token->getAttribute('name'),
            $token->getAttribute('expires_at'),
            $token->getAttribute('created_at'),
            $token->getAttribute('updated_at')
        );
    }

    /**
     * @inheritDoc
     */
    public function findValidToken(?HashedSearchable $hash): ?Token
    {
        if (!$hash) {
            return null;
        }

        /** @var \App\Token|null $found */
        $found = \App\Token::query()->where('api_token', $hash->getHash())->where('expires_at', '>', Carbon::now())->orWhere(
            static function (Builder $query) use ($hash) {
                $query->where('api_token', $hash->getHash())->where('expires_at', null);
            }
        )->first();


        if (!$found) {
            return null;
        }

        return self::dbTokenToToken($found);
    }

    /**
     * @inheritDoc
     */
    public function invalidateToken(?HashedSearchable $hash): void
    {
        if (!$hash) {
            return;
        }

        /** @var \App\Token|null $found */
        $found = \App\Token::query()->where('api_token', $hash)->where('expires_at', '>', Carbon::now())->orWhere(
            static function (Builder $query) use ($hash) {
                $query->where('api_token', $hash->getHash())->where('expires_at', null);
            }
        )->first();

        if ($found) {
            $found->setAttribute('expires_at', Carbon::now());
            $found->save();
        }
    }

    /**
     * @inheritDoc
     */
    public static function generateTokenString(): string
    {
        return Str::random(60);
    }

    /**
     * @inheritDoc
     */
    public function invalidateTokenById(string $tokenId): void
    {
        /** @var \App\Token|null $dbToken */
        $dbToken = \App\Token::query()->find(self::castToInt($tokenId));

        if (!$dbToken) {
            throw new EntityNotFoundException('Token not found.');
        }

        $token = self::dbTokenToToken($dbToken);

        if ($token->isValid()) {
            $dbToken->setAttribute('expires_at', Carbon::now());
            $dbToken->save();
        }
    }

    /**
     * @inheritDoc
     */
    public function filter(?string $userId = null, ?Carbon $validAt = null): array
    {
        $query = \App\Token::query()->whereNotNull('name')->orderByDesc('created_at');

        if ($userId) {
            $query->where('user_id', self::castToInt($userId));
        }

        if ($validAt) {
            $query->where(static function (Builder $builder) use ($validAt) {
                $builder->where('expires_at', '>', $validAt)
                    ->orWhereNull('expires_at');
            });
        }

        return array_map(static function (\App\Token $token) {
            return self::dbTokenToToken($token);
        }, $query->get()->values()->all());
    }
}