[PLUGIN][Pinboard] Change token to user user ID rather than nickname, to avoid complications with it possibly changing

2022-03-31 22:06:37 +01:00 · 2022-03-31 22:06:37 +01:00 · 1664293cf7
parent 94ab4ce8c4
commit 1664293cf7
4 changed files with 15 additions and 32 deletions
--- a/plugins/Pinboard/Controller/APIv1.php
+++ b/plugins/Pinboard/Controller/APIv1.php
@ -79,8 +79,8 @@ class APIv1 extends Controller
        if (!str_contains($input, ':')) {
            return null;
        }
-        [$nickame, $token] = explode(':', $input);
-        return Token::get($nickame, $token)?->getUser();
+        [$id, $token] = explode(':', $input);
+        return Token::get($id, $token)?->getUser();
    }

    private function deleteNoteAndMaybePin(LocalUser $user, Note $note, ?Pin $pin): void
--- a/plugins/Pinboard/Controller/Settings.php
+++ b/plugins/Pinboard/Controller/Settings.php
@ -25,7 +25,7 @@ class Settings extends Controller
    public static function setup()
    {
        $user    = Common::ensureLoggedIn();
-        $token   = Token::get(nickname: null, token: null, user: $user);
+        $token   = Token::get(id: null, token: null, user: $user);
        $enabled = ($token?->getEnabled() ?? false);
        $form    = Form::create([
            ['token', TextType::class, ['label' => _m('The token used to authenticate you via the Pinboard-compatible API'), 'data' => $token?->getUserTokenString(), 'disabled' => true]],
@ -79,7 +79,7 @@ class Settings extends Controller
            } else {
                throw new ClientException(_m('Invalid form submission'));
            }
-            Cache::set(Token::cacheKeys($user->getNickname())['user-token'], $token);
+            Cache::set(Token::cacheKeys($user->getId())['user-token'], $token);
            DB::flush();
            return Form::forceRedirect($form, $request);
        }
--- a/plugins/Pinboard/Entity/Token.php
+++ b/plugins/Pinboard/Entity/Token.php
@ -67,10 +67,10 @@ class Token extends Entity
    // @codeCoverageIgnoreEnd
    // }}} Autocode

-    public static function cacheKeys(string $nickname): array
+    public static function cacheKeys(int $id): array
    {
        return [
-            'user-token' => "pinboard-token-{$nickname}",
+            'user-token' => "pinboard-token-{$id}",
        ];
    }

@ -80,31 +80,30 @@ class Token extends Entity
    }

    /**
-     * Get a token for a $nickname and $token pair, unless given a $user, in which case the token field is not validated
+     * Get a token for a $id and $token pair, unless given a $user, in which case the token field is not validated
     *
     * XXX: may need to verify it's timing safe
     */
-    public static function get(?string $nickname, ?string $token, ?LocalUser $user = null): ?self
+    public static function get(?int $id, ?string $token, ?LocalUser $user = null): ?self
    {
        if (!\is_null($user)) {
            return Cache::get(
-                self::cacheKeys($user->getNickname())['user-token'],
+                self::cacheKeys($user->getId())['user-token'],
                fn () => DB::dql(
                    'select t from \Plugin\Pinboard\Entity\Token t where t.actor_id = :id',
                    ['id' => $user->getId()],
                    options: ['limit' => 1],
                ),
            );
-        } elseif (!\is_null($nickname) && !\is_null($token)) {
+        } elseif (!is_id($id) && !\is_null($token)) {
            return Cache::get(
-                self::cacheKeys($nickname)['user-token'],
+                self::cacheKeys($id)['user-token'],
                fn () => DB::dql(
                    <<<'EOF'
-                        select lu from \App\Entity\LocalUser lu
-                        join \Plugin\Pinboard\Entity\Token t on t.actor_id = lu.actor_id
-                        where lu.nickname = :nickname and t.token = :token and t.enabled = true
+                        select t from \Plugin\Pinboard\Entity\Token t
+                        where t.actor_id = :id and t.token = :token and t.enabled = true
                        EOF,
-                    ['nickname' => $nickame, 'token' => $token],
+                    ['id' => $id, 'token' => $token],
                    options: ['limit' => 1],
                ),
            );
@ -113,7 +112,7 @@ class Token extends Entity

    public function getUserTokenString()
    {
-        return LocalUser::getById($this->getActorId())->getNickname() . ':' . $this->getToken();
+        return $this->getActorId() . ':' . $this->getToken();
    }

    public static function generateTokenString(): string
--- a/plugins/Pinboard/Pinboard.php
+++ b/plugins/Pinboard/Pinboard.php
@ -35,10 +35,7 @@ namespace Plugin\Pinboard;
 use App\Core\Event;
 use App\Core\Modules\Plugin;
 use App\Core\Router;
-use App\Entity\Actor;
-use App\Entity\LocalUser;
 use Plugin\Pinboard\Controller as C;
-use Plugin\Pinboard\Entity\Token;
 use Symfony\Component\HttpFoundation\Request;

 class Pinboard extends Plugin
@ -105,17 +102,4 @@ class Pinboard extends Plugin
        }
        return Event::next;
    }
-
-    public function onActorFormInvalidateRelated(Actor $actor, ?LocalUser $user)
-    {
-        $user ??= $actor->getLocal();
-        if (!$user instanceof LocalUser) {
-            return Event::next;
-        }
-        Cache::delete(Token::cacheKeys($user->getNickname())['user-token']);
-        DB::remove(DB::refetch(Token::get(nickname: null, token: null, user: $user)));
-        DB::flush();
-        // TODO notify user that their token got invalidated
-        return Event::next;
-    }
 }