From 5ce9e0539c226fdf3e4e4369996a464521149e97 Mon Sep 17 00:00:00 2001 From: Mohamed Said Date: Mon, 4 May 2020 17:31:30 +0200 Subject: [PATCH] more performant tokens lookup --- src/HasApiTokens.php | 2 +- src/PersonalAccessToken.php | 10 +++++++++- tests/HasApiTokensTest.php | 9 ++++++++- 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/src/HasApiTokens.php b/src/HasApiTokens.php index 1350a503..8d2609c9 100644 --- a/src/HasApiTokens.php +++ b/src/HasApiTokens.php @@ -49,7 +49,7 @@ public function createToken(string $name, array $abilities = ['*']) 'abilities' => $abilities, ]); - return new NewAccessToken($token, $plainTextToken); + return new NewAccessToken($token, $token->id.'|'.$plainTextToken); } /** diff --git a/src/PersonalAccessToken.php b/src/PersonalAccessToken.php index 18ffd33e..88bbccc5 100644 --- a/src/PersonalAccessToken.php +++ b/src/PersonalAccessToken.php @@ -55,7 +55,15 @@ public function tokenable() */ public static function findToken($token) { - return static::where('token', hash('sha256', $token))->first(); + if (! strpos($token, '|')) { + return static::where('token', hash('sha256', $token))->first(); + } + + [$id, $token] = explode('|', $token); + + if ($instance = static::find($id)) { + return $instance->token == hash('sha256', $token) ? $instance : null; + } } /** diff --git a/tests/HasApiTokensTest.php b/tests/HasApiTokensTest.php index 99a56771..11e7cf63 100644 --- a/tests/HasApiTokensTest.php +++ b/tests/HasApiTokensTest.php @@ -15,9 +15,16 @@ public function test_tokens_can_be_created() $newToken = $class->createToken('test', ['foo']); + [$id, $token] = explode('|', $newToken->plainTextToken); + $this->assertEquals( $newToken->accessToken->token, - hash('sha256', $newToken->plainTextToken) + hash('sha256', $token) + ); + + $this->assertEquals( + $newToken->accessToken->id, + $id ); }