<?php
declare(strict_types=1);
namespace Bass\Webclient\Auth\Models;
use Bass\Webclient\Auth\Infra\AuthModelFactory;
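/**
 * Data access for API-key authentication: key lookup and last-use stamping.
 *
 * Both methods obtain their connection from AuthModelFactory::db() and bind
 * the key as a named parameter; the key is never interpolated into SQL.
 */
class ApiKeyModel
{
    /**
     * Look up an API key that is active and owned by an active user.
     *
     * The query joins api_keys to users and requires status 'active' on both
     * rows. An unknown key, a non-active key and a non-active owner all
     * produce the same API_KEY_NOT_FOUND result, so the return value does not
     * reveal which of the three conditions failed.
     *
     * On success the row carries api_key, api_secret, status, user_id and
     * username. api_secret is credential material: keep the returned row out
     * of logs, error payloads and API responses.
     *
     * NOTE(review): fetch() is called without an explicit mode, so the row's
     * shape follows whatever default AuthModelFactory::db() configures —
     * confirm it is associative.
     * NOTE(review): the equality match on api_key suggests the column holds
     * the key in the same form as the $apiKey argument — confirm whether a
     * hashed lookup value is intended.
     *
     * @param string $apiKey API key value to look up.
     *
     * @return array Two-element list: [true, row] when a match is found,
     *               otherwise [false, ['code' => string, 'message' => string]]
     *               with code API_KEY_NOT_FOUND or AUTH_DB_ERROR.
     */
    public function findActiveByKey(string $apiKey): array
    {
        $sql = "
            SELECT
                ak.api_key,
                ak.api_secret,
                ak.status,
                u.user_id,
                u.username
            FROM api_keys ak
            JOIN users u ON u.user_id = ak.user_id
            WHERE ak.api_key = :api_key
              AND ak.status = 'active'
              AND u.status = 'active'
            LIMIT 1
        ";

        try {
            $stmt = AuthModelFactory::db()->prepare($sql);
            $stmt->execute(['api_key' => $apiKey]);
            $row = $stmt->fetch();
        } catch (\Throwable $e) {
            // The caller still gets a generic error, but the failure is now
            // recorded: a silently failing auth store looks the same to
            // clients as a wave of rejected keys.
            $this->logFailure(__FUNCTION__, $e);

            return [
                false,
                [
                    'code' => 'AUTH_DB_ERROR',
                    'message' => 'Failed to query auth database',
                ],
            ];
        }

        if (!$row) {
            return [
                false,
                [
                    'code' => 'API_KEY_NOT_FOUND',
                    'message' => 'Invalid API key',
                ],
            ];
        }

        return [true, $row];
    }

    /**
     * Stamp api_keys.last_used_at with the current time for the given key.
     *
     * Best effort: any failure is caught and logged, never propagated, so a
     * write problem cannot block the request being authenticated.
     *
     * NOTE(review): datetime('now') is SQLite syntax — presumably the auth
     * store is SQLite; confirm. The UPDATE is not restricted to active keys,
     * so it relies on the caller having validated the key first.
     *
     * @param string $apiKey API key whose last-use timestamp is updated.
     */
    public function touchLastUsed(string $apiKey): void
    {
        $sql = "UPDATE api_keys SET last_used_at = datetime('now') WHERE api_key = :api_key";

        try {
            AuthModelFactory::db()
                ->prepare($sql)
                ->execute(['api_key' => $apiKey]);
        } catch (\Throwable $e) {
            // A failure here must NOT block the request; it is only logged,
            // since stale last_used_at values weaken key-usage auditing.
            $this->logFailure(__FUNCTION__, $e);
        }
    }

    /**
     * Record a failed auth-store operation without exposing credentials.
     *
     * Only the operation name, exception class and exception code are
     * written. The exception message is left out because its content is
     * driver-dependent, and the API key is never passed to this method.
     *
     * @param string     $operation Name of the method that failed.
     * @param \Throwable $e         The caught failure.
     */
    private function logFailure(string $operation, \Throwable $e): void
    {
        error_log(sprintf(
            '%s::%s failed: %s (code %s)',
            self::class,
            $operation,
            get_class($e),
            (string) $e->getCode()
        ));
    }
}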