Use Doctrine model in LinkTokens service
[MAILPOET-3269]
This commit is contained in:
Jan Lysý
Veljko V
@@ -1,37 +1,37 @@
|
||||
<?php
|
||||
<?php declare(strict_types=1);
|
||||
|
||||
namespace MailPoet\Subscribers;
|
||||
|
||||
use MailPoet\Models\Subscriber;
|
||||
use MailPoetVendor\Idiorm\ORM;
|
||||
use MailPoet\Entities\SubscriberEntity;
|
||||
|
||||
class LinkTokens {
|
||||
const OBSOLETE_LINK_TOKEN_LENGTH = 6;
|
||||
const LINK_TOKEN_LENGTH = 32;
|
||||
private const OBSOLETE_LINK_TOKEN_LENGTH = 6;
|
||||
|
||||
public function getToken(Subscriber $subscriber) {
|
||||
if ($subscriber->linkToken === null) {
|
||||
$subscriber->linkToken = $this->generateToken($subscriber->email);
|
||||
// `$subscriber->save()` fails if the subscriber has subscriptions, segments or custom fields
|
||||
ORM::rawExecute(sprintf('UPDATE %s SET link_token = ? WHERE email = ?', Subscriber::$_table), [$subscriber->linkToken, $subscriber->email]);
|
||||
}
|
||||
return $subscriber->linkToken;
|
||||
/** @var SubscribersRepository */
|
||||
private $subscribersRepository;
|
||||
|
||||
public function __construct(SubscribersRepository $subscribersRepository) {
|
||||
$this->subscribersRepository = $subscribersRepository;
|
||||
}
|
||||
|
||||
public function verifyToken(Subscriber $subscriber, $token) {
|
||||
public function getToken(SubscriberEntity $subscriber): string {
|
||||
if ($subscriber->getLinkToken() === null) {
|
||||
$subscriber->setLinkToken($this->generateToken($subscriber->getEmail()));
|
||||
$this->subscribersRepository->flush();
|
||||
}
|
||||
return (string)$subscriber->getLinkToken();
|
||||
}
|
||||
|
||||
public function verifyToken(SubscriberEntity $subscriber, string $token) {
|
||||
$databaseToken = $this->getToken($subscriber);
|
||||
$requestToken = substr($token, 0, strlen($databaseToken));
|
||||
return call_user_func(
|
||||
'hash_equals',
|
||||
$databaseToken,
|
||||
$requestToken
|
||||
);
|
||||
return hash_equals($databaseToken, $requestToken);
|
||||
}
|
||||
|
||||
/**
|
||||
* Only for backward compatibility for old tokens
|
||||
*/
|
||||
private function generateToken($email = null, $length = self::OBSOLETE_LINK_TOKEN_LENGTH) {
|
||||
private function generateToken(?string $email, int $length = self::OBSOLETE_LINK_TOKEN_LENGTH): ?string {
|
||||
if ($email !== null) {
|
||||
$authKey = '';
|
||||
if (defined('AUTH_KEY')) {
|
||||
@@ -39,6 +39,6 @@ class LinkTokens {
|
||||
}
|
||||
return substr(md5($authKey . $email), 0, $length);
|
||||
}
|
||||
return false;
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user