misuzu/src/Auth/TwoFactorAuthSessions.php

<?php
namespace Misuzu\Auth;

use Index\XString;
use Index\Data\DbStatementCache;
use Index\Data\IDbConnection;
use Misuzu\Users\UserInfo;

class TwoFactorAuthSessions {
    private DbStatementCache $cache;

    public function __construct(IDbConnection $dbConn) {
        $this->cache = new DbStatementCache($dbConn);
    }

    private static function generateToken(): string {
        return XString::random(32);
    }

    public function createToken(UserInfo|string $userInfo): string {
        if($userInfo instanceof UserInfo)
            $userInfo = $userInfo->getId();

        $token = self::generateToken();

        $stmt = $this->cache->get('INSERT INTO msz_auth_tfa (user_id, tfa_token) VALUES (?, ?)');
        $stmt->addParameter(1, $userInfo);
        $stmt->addParameter(2, $token);
        $stmt->execute();

        return $token;
    }

    public function getTokenUserId(string $token): string {
        $stmt = $this->cache->get('SELECT user_id FROM msz_auth_tfa WHERE tfa_token = ? AND tfa_created > NOW() - INTERVAL 15 MINUTE');
        $stmt->addParameter(1, $token);
        $stmt->execute();
        $result = $stmt->getResult();

        return $result->next() ? $result->getString(0) : '';
    }

    public function deleteToken(string $token): void {
        $stmt = $this->cache->get('DELETE FROM msz_auth_tfa WHERE tfa_token = ?');
        $stmt->addParameter(1, $token);
        $stmt->execute();
    }
}
Rewrote TFA session code. 2023-07-27 12:44:50 +00:00			`<?php`
			`namespace Misuzu\Auth;`

			`use Index\XString;`
			`use Index\Data\DbStatementCache;`
			`use Index\Data\IDbConnection;`
Rewrote the user information class. This one took multiple days and it pretty invasive into the core of Misuzu so issue might (will) arise, there's also some features that have gone temporarily missing in the mean time and some inefficiencies introduced that will be fixed again at a later time. The old class isn't gone entirely because I still have to figure out what I'm gonna do about validation, but for the most part this knocks out one of the "layers of backwards compatibility", as I've been referring to it, and is moving us closer to a future where Flashii actually gets real updates. If you run into anything that's broken and you're inhibited from reporting it through the forum, do it through chat or mail me at flashii-issues@flash.moe. 2023-08-02 22:12:47 +00:00			`use Misuzu\Users\UserInfo;`
Rewrote TFA session code. 2023-07-27 12:44:50 +00:00
			`class TwoFactorAuthSessions {`
			`private DbStatementCache $cache;`

			`public function __construct(IDbConnection $dbConn) {`
			`$this->cache = new DbStatementCache($dbConn);`
			`}`

			`private static function generateToken(): string {`
			`return XString::random(32);`
			`}`

Rewrote the user information class. This one took multiple days and it pretty invasive into the core of Misuzu so issue might (will) arise, there's also some features that have gone temporarily missing in the mean time and some inefficiencies introduced that will be fixed again at a later time. The old class isn't gone entirely because I still have to figure out what I'm gonna do about validation, but for the most part this knocks out one of the "layers of backwards compatibility", as I've been referring to it, and is moving us closer to a future where Flashii actually gets real updates. If you run into anything that's broken and you're inhibited from reporting it through the forum, do it through chat or mail me at flashii-issues@flash.moe. 2023-08-02 22:12:47 +00:00			`public function createToken(UserInfo\|string $userInfo): string {`
			`if($userInfo instanceof UserInfo)`
			`$userInfo = $userInfo->getId();`
Rewrote TFA session code. 2023-07-27 12:44:50 +00:00
			`$token = self::generateToken();`

			`$stmt = $this->cache->get('INSERT INTO msz_auth_tfa (user_id, tfa_token) VALUES (?, ?)');`
			`$stmt->addParameter(1, $userInfo);`
			`$stmt->addParameter(2, $token);`
			`$stmt->execute();`

			`return $token;`
			`}`

			`public function getTokenUserId(string $token): string {`
			`$stmt = $this->cache->get('SELECT user_id FROM msz_auth_tfa WHERE tfa_token = ? AND tfa_created > NOW() - INTERVAL 15 MINUTE');`
			`$stmt->addParameter(1, $token);`
			`$stmt->execute();`
			`$result = $stmt->getResult();`

			`return $result->next() ? $result->getString(0) : '';`
			`}`

			`public function deleteToken(string $token): void {`
			`$stmt = $this->cache->get('DELETE FROM msz_auth_tfa WHERE tfa_token = ?');`
			`$stmt->addParameter(1, $token);`
			`$stmt->execute();`
			`}`
			`}`