62 lines
1.6 KiB
PHP
62 lines
1.6 KiB
PHP
<?php
|
|
|
|
class SessionRepo
|
|
{
|
|
public static function create(
|
|
PDO $pdo,
|
|
string $token,
|
|
string $userID,
|
|
string $role,
|
|
string $entityID,
|
|
int $ttl,
|
|
bool $temp = false
|
|
): void {
|
|
$now = time();
|
|
|
|
$pdo->prepare("
|
|
INSERT INTO session (token, userID, role, entityID, createdAt, expiresAt, temp)
|
|
VALUES (:t, :uid, :role, :eid, :ca, :ea, :tmp)
|
|
")->execute([
|
|
':t' => $token,
|
|
':uid' => $userID,
|
|
':role' => $role,
|
|
':eid' => $entityID,
|
|
':ca' => $now,
|
|
':ea' => $now + $ttl,
|
|
':tmp' => (int) $temp,
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* @return array<string, mixed>|null Null when token is missing or expired.
|
|
*/
|
|
public static function findByToken(PDO $pdo, string $token): ?array
|
|
{
|
|
$stmt = $pdo->prepare(
|
|
"SELECT * FROM session WHERE token = :t AND expiresAt >= :now"
|
|
);
|
|
$stmt->execute([':t' => $token, ':now' => time()]);
|
|
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
return $row ?: null;
|
|
}
|
|
|
|
public static function revoke(PDO $pdo, string $token): void
|
|
{
|
|
$pdo->prepare("DELETE FROM session WHERE token = :t")
|
|
->execute([':t' => $token]);
|
|
}
|
|
|
|
/**
|
|
* Remove all expired sessions.
|
|
* @return int Number of rows deleted.
|
|
*/
|
|
public static function cleanup(PDO $pdo): int
|
|
{
|
|
$stmt = $pdo->prepare("DELETE FROM session WHERE expiresAt < :now");
|
|
$stmt->execute([':now' => time()]);
|
|
|
|
return $stmt->rowCount();
|
|
}
|
|
}
|