Cavemanon/piratepoet
8
Fork 0
Code Pull Requests Actions Releases 16 Activity

Use Doctrine model in LinkTokens service

Browse Source 
[MAILPOET-3269]
This commit is contained in:
Jan Lysý
2021-05-27 18:32:23 +02:00
committed by Veljko V
parent eb189809ae
commit d34c923cef
1 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
lib/Subscribers/LinkTokens.php
View File

@@ -1,37 +1,37 @@
<?php <?php declare(strict_types=1);
namespace MailPoet\Subscribers; namespace MailPoet\Subscribers;
use MailPoet\Models\Subscriber; use MailPoet\Entities\SubscriberEntity;
use MailPoetVendor\Idiorm\ORM;
class LinkTokens { class LinkTokens {
const OBSOLETE_LINK_TOKEN_LENGTH = 6; private const OBSOLETE_LINK_TOKEN_LENGTH = 6;
const LINK_TOKEN_LENGTH = 32;
public function getToken(Subscriber $subscriber) { /** @var SubscribersRepository */
if ($subscriber->linkToken === null) { private $subscribersRepository;
$subscriber->linkToken = $this->generateToken($subscriber->email);
// `$subscriber->save()` fails if the subscriber has subscriptions, segments or custom fields public function __construct(SubscribersRepository $subscribersRepository) {
ORM::rawExecute(sprintf('UPDATE %s SET link_token = ? WHERE email = ?', Subscriber::$_table), [$subscriber->linkToken, $subscriber->email]); $this->subscribersRepository = $subscribersRepository;
}
return $subscriber->linkToken;
} }
public function verifyToken(Subscriber $subscriber, $token) { public function getToken(SubscriberEntity $subscriber): string {
if ($subscriber->getLinkToken() === null) {
$subscriber->setLinkToken($this->generateToken($subscriber->getEmail()));
$this->subscribersRepository->flush();
}
return (string)$subscriber->getLinkToken();
}
public function verifyToken(SubscriberEntity $subscriber, string $token) {
$databaseToken = $this->getToken($subscriber); $databaseToken = $this->getToken($subscriber);
$requestToken = substr($token, 0, strlen($databaseToken)); $requestToken = substr($token, 0, strlen($databaseToken));
return call_user_func( return hash_equals($databaseToken, $requestToken);
'hash_equals',
$databaseToken,
$requestToken
);
} }
/** /**
* Only for backward compatibility for old tokens * Only for backward compatibility for old tokens
*/ */
private function generateToken($email = null, $length = self::OBSOLETE_LINK_TOKEN_LENGTH) { private function generateToken(?string $email, int $length = self::OBSOLETE_LINK_TOKEN_LENGTH): ?string {
if ($email !== null) { if ($email !== null) {
$authKey = ''; $authKey = '';
if (defined('AUTH_KEY')) { if (defined('AUTH_KEY')) {
@@ -39,6 +39,6 @@ class LinkTokens {
} }
return substr(md5($authKey . $email), 0, $length); return substr(md5($authKey . $email), 0, $length);
} }
return false; return null;
} }
} }