mirror of
https://github.com/koel/koel
synced 2024-12-18 16:44:03 +00:00
90 lines
2.7 KiB
PHP
90 lines
2.7 KiB
PHP
<?php
|
|
|
|
namespace App\Services;
|
|
|
|
use App\Exceptions\InvalidCredentialsException;
|
|
use App\Models\User;
|
|
use App\Repositories\UserRepository;
|
|
use App\Values\CompositeToken;
|
|
use Illuminate\Auth\Events\PasswordReset;
|
|
use Illuminate\Auth\Passwords\PasswordBroker;
|
|
use Illuminate\Hashing\HashManager;
|
|
use Illuminate\Support\Facades\Cache;
|
|
use Illuminate\Support\Facades\Password;
|
|
|
|
class AuthenticationService
|
|
{
|
|
public function __construct(
|
|
private readonly UserRepository $userRepository,
|
|
private readonly TokenManager $tokenManager,
|
|
private readonly HashManager $hash,
|
|
private readonly PasswordBroker $passwordBroker
|
|
) {
|
|
}
|
|
|
|
public function login(string $email, string $password): CompositeToken
|
|
{
|
|
/** @var User|null $user */
|
|
$user = $this->userRepository->getFirstWhere('email', $email);
|
|
|
|
if (!$user || !$this->hash->check($password, $user->password)) {
|
|
throw new InvalidCredentialsException();
|
|
}
|
|
|
|
if ($this->hash->needsRehash($user->password)) {
|
|
$user->password = $this->hash->make($password);
|
|
$user->save();
|
|
}
|
|
|
|
return $this->logUserIn($user);
|
|
}
|
|
|
|
public function logUserIn(User $user): CompositeToken
|
|
{
|
|
return $this->tokenManager->createCompositeToken($user);
|
|
}
|
|
|
|
public function logoutViaBearerToken(string $token): void
|
|
{
|
|
$this->tokenManager->deleteCompositionToken($token);
|
|
}
|
|
|
|
public function trySendResetPasswordLink(string $email): bool
|
|
{
|
|
return $this->passwordBroker->sendResetLink(['email' => $email]) === Password::RESET_LINK_SENT;
|
|
}
|
|
|
|
public function tryResetPasswordUsingBroker(string $email, string $password, string $token): bool
|
|
{
|
|
$credentials = [
|
|
'email' => $email,
|
|
'password' => $password,
|
|
'password_confirmation' => $password,
|
|
'token' => $token,
|
|
];
|
|
|
|
$status = $this->passwordBroker->reset($credentials, function (User $user, string $password): void {
|
|
$user->password = $this->hash->make($password);
|
|
$user->save();
|
|
event(new PasswordReset($user));
|
|
});
|
|
|
|
return $status === Password::PASSWORD_RESET;
|
|
}
|
|
|
|
public function generateOneTimeToken(User $user): string
|
|
{
|
|
$token = bin2hex(random_bytes(12));
|
|
Cache::set("one-time-token.$token", encrypt($user->id), 60 * 10);
|
|
|
|
return $token;
|
|
}
|
|
|
|
public function loginViaOneTimeToken(string $token): CompositeToken
|
|
{
|
|
/** @var User $user */
|
|
$user = $this->userRepository->getOne(decrypt(Cache::get("one-time-token.$token")));
|
|
|
|
return $this->logUserIn($user);
|
|
}
|
|
}
|