Added very basic system to add API tokens to an user

2025-07-07 17:04:30 +02:00 · 2023-08-15 23:36:56 +02:00 · 2023-08-15 23:36:56 +02:00 · 3bc6e61869
commit 3bc6e61869
parent 3486957447
8 changed files with 395 additions and 2 deletions
--- a/src/Entity/UserSystem/ApiToken.php
+++ b/src/Entity/UserSystem/ApiToken.php
@ -0,0 +1,125 @@
+<?php
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+declare(strict_types=1);
+
+
+namespace App\Entity\UserSystem;
+
+use App\Entity\Base\AbstractNamedDBElement;
+use App\Entity\Base\TimestampTrait;
+use App\Repository\UserSystem\ApiTokenRepository;
+use Doctrine\DBAL\Types\Types;
+use Doctrine\ORM\Mapping as ORM;
+use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
+use Symfony\Component\Validator\Constraints\NotBlank;
+
+#[ORM\Entity(repositoryClass: ApiTokenRepository::class)]
+#[ORM\Table(name: 'api_tokens')]
+#[ORM\HasLifecycleCallbacks]
+#[UniqueEntity(fields: ['name', 'user'])]
+class ApiToken
+{
+
+    use TimestampTrait;
+
+    #[ORM\Id]
+    #[ORM\Column(type: Types::INTEGER)]
+    #[ORM\GeneratedValue]
+    protected int $id;
+
+    #[ORM\Column(type: Types::STRING)]
+    #[NotBlank]
+    protected string $name = '';
+
+    #[ORM\ManyToOne(inversedBy: 'api_tokens')]
+    private ?User $user = null;
+
+    #[ORM\Column(type: Types::DATETIME_MUTABLE, nullable: true)]
+    private ?\DateTimeInterface $valid_until = null;
+
+    #[ORM\Column(length: 68, unique: true)]
+    private string $token;
+
+    public function __construct(ApiTokenType $tokenType = ApiTokenType::PERSONAL_ACCESS_TOKEN)
+    {
+        // Generate a rondom token on creation. The tokenType is 3 characters long (plus underscore), so the token is 68 characters long.
+        $this->token = $tokenType->getTokenPrefix() . bin2hex(random_bytes(32));
+    }
+
+    public function getTokenType(): ApiTokenType
+    {
+        return ApiTokenType::getTypeFromToken($this->token);
+    }
+
+    public function getUser(): ?User
+    {
+        return $this->user;
+    }
+
+    public function setUser(?User $user): ApiToken
+    {
+        $this->user = $user;
+        return $this;
+    }
+
+    public function getValidUntil(): ?\DateTimeInterface
+    {
+        return $this->valid_until;
+    }
+
+    /**
+     * Checks if the token is still valid.
+     * @return bool
+     */
+    public function isValid(): bool
+    {
+        return $this->valid_until === null || $this->valid_until > new \DateTime();
+    }
+
+    public function setValidUntil(?\DateTimeInterface $valid_until): ApiToken
+    {
+        $this->valid_until = $valid_until;
+        return $this;
+    }
+
+    public function getToken(): string
+    {
+        return $this->token;
+    }
+
+    public function getId(): int
+    {
+        return $this->id;
+    }
+
+    public function getName(): string
+    {
+        return $this->name;
+    }
+
+    public function setName(string $name): ApiToken
+    {
+        $this->name = $name;
+        return $this;
+    }
+
+
+}
--- a/src/Entity/UserSystem/ApiTokenType.php
+++ b/src/Entity/UserSystem/ApiTokenType.php
@ -0,0 +1,56 @@
+<?php
+/*
+ * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
+ *
+ *  Copyright (C) 2019 - 2023 Jan Böhmer (https://github.com/jbtronics)
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU Affero General Public License as published
+ *  by the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU Affero General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Affero General Public License
+ *  along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+
+declare(strict_types=1);
+
+
+namespace App\Entity\UserSystem;
+
+/**
+ * The type of ApiToken.
+ * The enum value is the prefix of the token. It must be 3 characters long.
+ */
+enum ApiTokenType: string
+{
+    case PERSONAL_ACCESS_TOKEN = 'tcp';
+
+    /**
+     * Get the prefix of the token including the underscore
+     * @return string
+     */
+    public function getTokenPrefix(): string
+    {
+        return $this->value . '_';
+    }
+
+    /**
+     * Get the type from the token prefix
+     * @param  string  $api_token
+     * @return ApiTokenType
+     */
+    public static function getTypeFromToken(string $api_token): ApiTokenType
+    {
+        $parts = explode('_', $api_token);
+        if (count($parts) !== 2) {
+            throw new \InvalidArgumentException('Invalid token format');
+        }
+        return self::from($parts[0]);
+    }
+}
--- a/src/Entity/UserSystem/User.php
+++ b/src/Entity/UserSystem/User.php
@ -279,6 +279,12 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
    #[ORM\OneToMany(mappedBy: 'user', targetEntity: WebauthnKey::class, cascade: ['REMOVE'], fetch: 'EXTRA_LAZY', orphanRemoval: true)]
    protected Collection $webauthn_keys;

+    /**
+     * @var Collection<int, ApiToken>
+     */
+    #[ORM\OneToMany(mappedBy: 'user', targetEntity: ApiToken::class, cascade: ['REMOVE'], fetch: 'EXTRA_LAZY', orphanRemoval: true)]
+    private Collection $api_tokens;
+
    /**
     * @var Currency|null The currency the user wants to see prices in.
     *                    Dont use fetch=EAGER here, this will cause problems with setting the currency setting.
@ -316,6 +322,7 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
        $this->permissions = new PermissionData();
        $this->u2fKeys = new ArrayCollection();
        $this->webauthn_keys = new ArrayCollection();
+        $this->api_tokens = new ArrayCollection();
    }

    /**
@ -969,8 +976,6 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
        return $this;
    }

-
-
    public function setSamlAttributes(array $attributes): void
    {
        //When mail attribute exists, set it
@ -1000,4 +1005,36 @@ class User extends AttachmentContainingDBElement implements UserInterface, HasPe
            $this->setEmail($attributes['urn:oid:1.2.840.113549.1.9.1'][0]);
        }
    }
+
+    /**
+     * Return all API tokens of the user.
+     * @return Collection
+     */
+    public function getApiTokens(): Collection
+    {
+        return $this->api_tokens;
+    }
+
+    /**
+     * Add an API token to the user.
+     * @param  ApiToken  $apiToken
+     * @return void
+     */
+    public function addApiToken(ApiToken $apiToken): void
+    {
+        $this->api_tokens->add($apiToken);
+    }
+
+    /**
+     * Remove an API token from the user.
+     * @param  ApiToken  $apiToken
+     * @return void
+     */
+    public function removeApiToken(ApiToken $apiToken): void
+    {
+        $this->api_tokens->removeElement($apiToken);
+    }
+
+
+
 }