diff --git a/http/php/config.php b/http/php/config.php new file mode 100644 index 0000000..6a2d059 --- /dev/null +++ b/http/php/config.php @@ -0,0 +1,11 @@ +exec( + <<exec( + <<exec( + <<query( + <<= $twentyFourHoursAgo; + SQL + , + ) + ->fetchColumn(0); +} + +function insertSendEmailToken(PDO $db, string $userId, string $token) +{ + $createdAtUnixSecs = time(); + $validUntilUnixSecs = $createdAtUnixSecs + 60; + $db + ->prepare( + <<execute([ + "userId" => $userId, + "token" => $token, + "createdAtUnixSecs" => $createdAtUnixSecs, + "validUntilUnixSecs" => $validUntilUnixSecs, + ]); +} + +function isTokenValid(PDO $db, string $userId, string $token): int +{ + $now = time(); + $stmt = $db->prepare( + <<= :validUntilUnixSecs; + SQL + , + ); + $stmt->execute([ + "userId" => $userId, + "token" => $token, + "validUntilUnixSecs" => $now, + ]); + $validTokenCount = (int) $stmt->fetchColumn(0); + return $validTokenCount > 0; +} + +function deleteAllTokensForUser(PDO $db, string $userId) +{ + $db + ->prepare( + <<execute(["userId" => $userId]); +} + +function deleteAllOtpsForUser(PDO $db, string $userId) +{ + $db + ->prepare( + <<execute(["userId" => $userId]); +} + +function recordSentEmail(PDO $db, string $messageId) +{ + $now = time(); + $stmt = $db->prepare( + <<execute(["messageId" => $messageId, "now" => $now]); +} + +function insertOtp(PDO $db, string $userId, string $otp) +{ + $createdAtUnixSecs = time(); + $validUntilUnixSecs = $createdAtUnixSecs + 60 * 5; + $db + ->prepare( + <<execute([ + "userId" => $userId, + "otp" => $otp, + "createdAtUnixSecs" => $createdAtUnixSecs, + "validUntilUnixSecs" => $validUntilUnixSecs, + ]); +} + +function isOtpCorrect( + PDO $db, + string $userId, + string $guess, + int $leniencySecs, +): bool { + $stmt = $db->prepare( + <<= :validUntilUnixSecs + SQL + , + ); + $stmt->execute([ + "userId" => $userId, + "guess" => $guess, + "validUntilUnixSecs" => time() - $leniencySecs, + ]); + return $stmt->fetchColumn(0); +}