49 lines
1.3 KiB
PHP
49 lines
1.3 KiB
PHP
<?php declare(strict_types = 1);
|
|
|
|
namespace MailPoet\Subscribers;
|
|
|
|
if (!defined('ABSPATH')) exit;
|
|
|
|
|
|
use MailPoet\Entities\SubscriberEntity;
|
|
|
|
class LinkTokens {
|
|
private const OBSOLETE_LINK_TOKEN_LENGTH = 6;
|
|
|
|
/** @var SubscribersRepository */
|
|
private $subscribersRepository;
|
|
|
|
public function __construct(
|
|
SubscribersRepository $subscribersRepository
|
|
) {
|
|
$this->subscribersRepository = $subscribersRepository;
|
|
}
|
|
|
|
public function getToken(SubscriberEntity $subscriber): string {
|
|
if ($subscriber->getLinkToken() === null) {
|
|
$subscriber->setLinkToken($this->generateToken($subscriber->getEmail()));
|
|
$this->subscribersRepository->flush();
|
|
}
|
|
return (string)$subscriber->getLinkToken();
|
|
}
|
|
|
|
public function verifyToken(SubscriberEntity $subscriber, string $token) {
|
|
$databaseToken = $this->getToken($subscriber);
|
|
$requestToken = substr($token, 0, strlen($databaseToken));
|
|
return hash_equals($databaseToken, $requestToken);
|
|
}
|
|
|
|
/**
|
|
* Only for backward compatibility for old tokens
|
|
*/
|
|
private function generateToken(?string $email, int $length = self::OBSOLETE_LINK_TOKEN_LENGTH): ?string {
|
|
if ($email !== null) {
|
|
$authKey = '';
|
|
if (defined('AUTH_KEY')) {
|
|
$authKey = AUTH_KEY;
|
|
}
|
|
return substr(md5($authKey . $email), 0, $length);
|
|
}
|
|
return null;
|
|
}
|
|
}
|