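. */

declare(strict_types=1);

namespace FireflyIII\Console\Commands;

use FireflyIII\Exceptions\FireflyException;
use FireflyIII\Repositories\User\UserRepositoryInterface;
use FireflyIII\User;
use Illuminate\Support\Facades\Log;

/**
 * Trait VerifiesAccessToken.
 *
 * Verifies user access token for sensitive commands.
 *
 * The using class must provide option(); this trait reads the "user" and
 * "token" options through it.
 */
trait VerifiesAccessToken
{
    /**
     * Looks up the user named by the "user" option.
     *
     * This performs no token check; it only resolves the user ID.
     *
     * @return User
     * @throws FireflyException when the repository finds no user for the given ID
     */
    public function getUser(): User
    {
        $userId = (int)$this->option('user');

        /** @var UserRepositoryInterface $repository */
        $repository = app(UserRepositoryInterface::class);
        $user       = $repository->find($userId);
        if (null === $user) {
            throw new FireflyException('300000: User is unexpectedly NULL');
        }

        return $user;
    }

    /**
     * Abstract method to make sure trait knows about method "option".
     *
     * @param string|null $key
     *
     * @return mixed
     */
    abstract public function option($key = null);

    /**
     * Returns false when given token does not match given user token.
     *
     * Also returns false when no token was given, when the user cannot be
     * found, or when the user has no "access_token" preference. Every
     * rejection is logged with the user ID; the supplied token itself is
     * never written to the log.
     *
     * @return bool
     * @throws FireflyException
     */
    protected function verifyAccessToken(): bool
    {
        $userId = (int)$this->option('user');
        $token  = (string)$this->option('token');

        // A missing option casts to '', which must never authenticate, even
        // against a stored preference that happens to be blank.
        if ('' === $token) {
            Log::error(sprintf('No access token given for user #%d.', $userId));

            return false;
        }

        /** @var UserRepositoryInterface $repository */
        $repository = app(UserRepositoryInterface::class);
        $user       = $repository->find($userId);
        if (null === $user) {
            Log::error(sprintf('verifyAccessToken(): no such user for input "%d"', $userId));

            return false;
        }

        $accessToken = app('preferences')->getForUser($user, 'access_token');
        if (null === $accessToken) {
            Log::error(sprintf('User #%d has no access token, so cannot access command line options.', $userId));

            return false;
        }

        // hash_equals() accepts only strings, so a non-string preference value
        // is rejected up front. It compares in constant time, so the check
        // does not reveal how much of a guessed token was correct.
        $expected = $accessToken->data;
        if (!is_string($expected) || !hash_equals($expected, $token)) {
            // The supplied value is deliberately not logged: a near-miss or a
            // token meant for another user is credential material, and log
            // files are usually readable by more people than the preferences.
            Log::error(sprintf('Invalid access token for user #%d.', $userId));

            return false;
        }

        return true;
    }
}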