feat(API): implement token re-use mechanism

2024-03-30 12:59:10 +02:00 · 2024-03-30 12:59:10 +02:00 · 0b80c0a6a8
parent 939ea30262
commit 0b80c0a6a8
3 changed files with 53 additions and 6 deletions
--- a/ServiceAPI/Apps.php
+++ b/ServiceAPI/Apps.php
@ -1,8 +1,11 @@
 <?php declare(strict_types=1);
 namespace openvk\ServiceAPI;

+use openvk\Web\Models\Entities\APIToken;
 use openvk\Web\Models\Entities\User;
+use openvk\Web\Models\Repositories\APITokens;
 use openvk\Web\Models\Repositories\Applications;
+use WhichBrowser;

 class Apps implements Handler
 {
@ -89,4 +92,25 @@ class Apps implements Handler
        $app->withdrawCoins();
        $resolve($coins);
    }
+    
+    function getRegularToken(string $clientName, bool $acceptsStale, callable $resolve, callable $reject): void
+    {
+        $token = NULL;
+        $stale = true;
+        if($acceptsStale)
+            $token = (new APITokens)->getStaleByUser($this->user->getId(), $clientName);
+        
+        if(is_null($token)) {
+            $stale = false;
+            $token = new APIToken;
+            $token->setUser($this->user);
+            $token->setPlatform($clientName ?? (new WhichBrowser\Parser(getallheaders()))->toString());
+            $token->save();
+        }
+        
+        $resolve([
+            'is_stale' => $stale,
+            'token'    => $token->getFormattedToken(),
+        ]);
+    }
 }
--- a/Web/Models/Repositories/APITokens.php
+++ b/Web/Models/Repositories/APITokens.php
@ -23,4 +23,13 @@ class APITokens extends Repository
        
        return $token;
    }
+    
+    function getStaleByUser(int $userId, string $platform, bool $withRevoked = false): ?APIToken
+    {
+        return $this->toEntity($this->table->where([
+            'user'     => $userId,
+            'platform' => $platform,
+            'deleted'  => $withRevoked,
+        ])->fetch());
+    }
 }
--- a/Web/Presenters/VKAPIPresenter.php
+++ b/Web/Presenters/VKAPIPresenter.php
@ -286,17 +286,31 @@ final class VKAPIPresenter extends OpenVKPresenter
                $this->fail(28, "Invalid 2FA code", "internal", "acquireToken");
        }
        
-        $platform = $this->requestParam("client_name");
-
-        $token = new APIToken;
-        $token->setUser($user);
-        $token->setPlatform($platform ?? (new WhichBrowser\Parser(getallheaders()))->toString());
-        $token->save();
+        $token        = NULL;
+        $tokenIsStale = true;
+        $platform     = $this->requestParam("client_name");
+        $acceptsStale = $this->requestParam("accepts_stale");
+        if($acceptsStale == "1") {
+            if(is_null($platform))
+                $this->fail(101, "accepts_stale can only be used with explicitly set client_name", "internal", "acquireToken");
+            
+            $token = (new APITokens)->getStaleByUser($uId, $platform);
+        }
+        
+        if(is_null($token)) {
+            $tokenIsStale = false;
+            
+            $token = new APIToken;
+            $token->setUser($user);
+            $token->setPlatform($platform ?? (new WhichBrowser\Parser(getallheaders()))->toString());
+            $token->save();
+        }
        
        $payload = json_encode([
            "access_token" => $token->getFormattedToken(),
            "expires_in"   => 0,
            "user_id"      => $uId,
+            "is_stale"     => $tokenIsStale,
        ]);
        
        $size = strlen($payload);