prepare(" INSERT INTO session (token, userID, role, entityID, createdAt, expiresAt, temp) VALUES (:t, :uid, :role, :eid, :ca, :ea, :tmp) ")->execute([ ':t' => $token, ':uid' => $userID, ':role' => $role, ':eid' => $entityID, ':ca' => $now, ':ea' => $now + $ttl, ':tmp' => (int) $temp, ]); } /** * @return array|null Null when token is missing or expired. */ public static function findByToken(PDO $pdo, string $token): ?array { $stmt = $pdo->prepare( "SELECT * FROM session WHERE token = :t AND expiresAt >= :now" ); $stmt->execute([':t' => $token, ':now' => time()]); $row = $stmt->fetch(PDO::FETCH_ASSOC); return $row ?: null; } public static function revoke(PDO $pdo, string $token): void { $pdo->prepare("DELETE FROM session WHERE token = :t") ->execute([':t' => $token]); } /** * Remove all expired sessions. * @return int Number of rows deleted. */ public static function cleanup(PDO $pdo): int { $stmt = $pdo->prepare("DELETE FROM session WHERE expiresAt < :now"); $stmt->execute([':now' => time()]); return $stmt->rowCount(); } }