2026-02-04 23:31:53 +01:00
< ? php
2026-02-11 19:28:12 +01:00
namespace MintyPHP\Repository\Auth ;
2026-02-04 23:31:53 +01:00
use MintyPHP\DB ;
2026-03-13 21:58:51 +01:00
/** Stores password reset codes with attempt counters, expiry, and completion history. */
2026-03-05 08:26:51 +01:00
class PasswordResetRepository implements PasswordResetRepositoryInterface
2026-02-04 23:31:53 +01:00
{
2026-02-23 12:58:19 +01:00
private function unwrapList ( $rows ) : array
2026-02-11 19:28:12 +01:00
{
if ( ! is_array ( $rows )) {
return [];
}
$list = [];
foreach ( $rows as $row ) {
$data = $row [ 'password_resets' ] ? ? $row ;
if ( is_array ( $data )) {
$list [] = $data ;
}
}
return $list ;
}
2026-02-23 12:58:19 +01:00
public function create ( int $userId , string $codeHash , string $expiresAt ) : ? int
2026-02-04 23:31:53 +01:00
{
$id = DB :: insert (
'insert into password_resets (user_id, code_hash, expires_at, attempts, used_at, created) values (?,?,?,?,NULL,NOW())' ,
( string ) $userId ,
$codeHash ,
$expiresAt ,
0
);
return $id ? ( int ) $id : null ;
}
2026-02-23 12:58:19 +01:00
public function invalidateForUser ( int $userId ) : bool
2026-02-04 23:31:53 +01:00
{
$result = DB :: update (
'update password_resets set used_at = NOW() where user_id = ? and used_at is null' ,
( string ) $userId
);
return $result !== false ;
}
2026-02-23 12:58:19 +01:00
public function findActiveByUserId ( int $userId ) : ? array
2026-02-04 23:31:53 +01:00
{
$row = DB :: selectOne (
'select id, user_id, code_hash, expires_at, attempts, used_at from password_resets where user_id = ? and used_at is null and expires_at > UTC_TIMESTAMP() order by id desc limit 1' ,
( string ) $userId
);
if ( ! $row || ! isset ( $row [ 'password_resets' ])) {
return null ;
}
return $row [ 'password_resets' ];
}
2026-02-23 12:58:19 +01:00
public function findById ( int $id ) : ? array
2026-02-04 23:31:53 +01:00
{
$row = DB :: selectOne (
'select id, user_id, code_hash, expires_at, attempts, used_at from password_resets where id = ? limit 1' ,
( string ) $id
);
if ( ! $row || ! isset ( $row [ 'password_resets' ])) {
return null ;
}
return $row [ 'password_resets' ];
}
2026-02-23 12:58:19 +01:00
public function incrementAttempts ( int $id ) : bool
2026-02-04 23:31:53 +01:00
{
$result = DB :: update (
'update password_resets set attempts = attempts + 1 where id = ?' ,
( string ) $id
);
return $result !== false ;
}
2026-02-23 12:58:19 +01:00
public function markUsed ( int $id ) : bool
2026-02-04 23:31:53 +01:00
{
$result = DB :: update (
'update password_resets set used_at = NOW() where id = ?' ,
( string ) $id
);
return $result !== false ;
}
2026-02-11 19:28:12 +01:00
2026-02-23 12:58:19 +01:00
public function listByUserId ( int $userId , int $limit = 20 ) : array
2026-02-11 19:28:12 +01:00
{
if ( $userId <= 0 ) {
return [];
}
if ( $limit < 1 ) {
$limit = 20 ;
} elseif ( $limit > 100 ) {
$limit = 100 ;
}
$rows = DB :: select (
'select id, user_id, expires_at, attempts, used_at, created from password_resets where user_id = ? order by id desc limit ?' ,
( string ) $userId ,
( string ) $limit
);
2026-02-23 12:58:19 +01:00
return $this -> unwrapList ( $rows );
2026-02-11 19:28:12 +01:00
}
2026-02-04 23:31:53 +01:00
}