<?php
// models/TokenManager.php
require_once '../../db.php';
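/**
 * Issues, lists and revokes per-user API access tokens and reads usage statistics.
 *
 * Security notes for maintainers:
 *  - token_value is stored and returned in clear text. Anyone with read access to
 *    the access_tokens table (backup, SQL injection elsewhere, a DBA) obtains usable
 *    credentials. Storing only a hash (e.g. hash('sha256', $token)) and showing the
 *    raw token once at creation would remove that exposure; it needs a matching
 *    change in whatever code validates tokens, which is not part of this class.
 *  - ip_restrictions and expires_at are only written and read back here; this class
 *    does not enforce them. NOTE(review): confirm the validation path checks both.
 */
class TokenManager {
    private $conn;
    private $table_tokens = "access_tokens";
    private $table_usage = "token_usage_logs";

    /**
     * Opens the database connection and makes sure both tables exist.
     *
     * NOTE(review): Database::getConnection() is defined elsewhere; if it can
     * return null on failure, the first query below will raise an Error rather
     * than a PDOException - confirm.
     */
    public function __construct() {
        $database = new Database();
        $this->conn = $database->getConnection();

        // Runs DDL on every instantiation, so the application's DB account needs
        // CREATE privileges at request time. Moving this to a migration would let
        // the runtime account be limited to SELECT/INSERT/UPDATE.
        $this->createTablesIfNotExist();
    }

    /**
     * Creates the token and usage-log tables when they are missing.
     * Failures are logged and swallowed so construction still completes.
     */
    private function createTablesIfNotExist() {
        try {
            // Table names come from private, hard-coded properties (never from
            // input), so interpolating them into the DDL is safe.
            $tokensDdl = "CREATE TABLE IF NOT EXISTS {$this->table_tokens} (
                id INT PRIMARY KEY AUTO_INCREMENT,
                user_id INT NOT NULL,
                token_name VARCHAR(100) NOT NULL,
                token_value VARCHAR(255) UNIQUE NOT NULL,
                permissions JSON NOT NULL,
                ip_restrictions TEXT,
                expires_at TIMESTAMP NULL,
                is_active BOOLEAN DEFAULT TRUE,
                last_used TIMESTAMP NULL,
                usage_count INT DEFAULT 0,
                created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
            )";
            $this->conn->exec($tokensDdl);

            $usageDdl = "CREATE TABLE IF NOT EXISTS {$this->table_usage} (
                id INT PRIMARY KEY AUTO_INCREMENT,
                token_id INT NOT NULL,
                user_id INT NOT NULL,
                endpoint VARCHAR(100) NOT NULL,
                ip_address VARCHAR(45),
                user_agent TEXT,
                request_method VARCHAR(10),
                response_code INT,
                processing_time_ms INT,
                created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
            )";
            $this->conn->exec($usageDdl);
        } catch (PDOException $e) {
            error_log("Table creation error: " . $e->getMessage());
        }
    }

    /**
     * Returns a new token: the prefix "jm_" followed by 48 hex characters
     * (24 bytes from random_bytes(), i.e. 192 bits from the system CSPRNG).
     */
    private function generateToken() {
        return 'jm_' . bin2hex(random_bytes(24));
    }

    /**
     * Creates and stores a new access token for a user.
     *
     * @param mixed       $user_id         Owner of the token.
     * @param string      $token_name      Human-readable label.
     * @param mixed       $permissions     Stored JSON-encoded.
     * @param int|string  $expires_in_days Lifetime in days; 0 or less (or null) stores
     *                                     no expiry, i.e. the token never expires.
     * @param string|null $ip_restrictions Stored as given; not interpreted here.
     * @return array ['success' => true, 'token' => string, 'id' => string] on success,
     *               ['success' => false, 'message' => string] otherwise.
     */
    public function createToken($user_id, $token_name, $permissions, $expires_in_days = 30, $ip_restrictions = null) {
        $failure = ['success' => false, 'message' => 'Failed to create token'];

        // Reject non-numeric lifetimes up front. Interpolating such a value into
        // strtotime() yields false, which date() would silently turn into an
        // epoch timestamp instead of the requested expiry.
        if ($expires_in_days !== null && !is_numeric($expires_in_days)) {
            error_log("Token creation error: invalid expiry value");
            return $failure;
        }
        $days = (int) $expires_in_days;

        try {
            $token_value = $this->generateToken();

            $expires_at = null;
            if ($days > 0) {
                $expiry_ts = strtotime("+{$days} days");
                if ($expiry_ts === false) {
                    error_log("Token creation error: expiry out of range");
                    return $failure;
                }
                // NOTE(review): formatted in PHP's timezone; assumes the DB session
                // uses the same one - confirm.
                $expires_at = date('Y-m-d H:i:s', $expiry_ts);
            }

            // Encode before binding: the original passed the json_encode() result
            // straight to bindParam(), which takes its argument by reference and
            // raises "Only variables should be passed by reference".
            $permissions_json = json_encode($permissions);
            if ($permissions_json === false) {
                error_log("Token creation error: permissions are not JSON-encodable");
                return $failure;
            }

            $query = "INSERT INTO {$this->table_tokens}
                (user_id, token_name, token_value, permissions, ip_restrictions, expires_at)
                VALUES (:user_id, :token_name, :token_value, :permissions, :ip_restrictions, :expires_at)";
            $stmt = $this->conn->prepare($query);

            // bindValue() copies the value at bind time, so no by-reference hazards.
            $stmt->bindValue(":user_id", $user_id);
            $stmt->bindValue(":token_name", $token_name);
            $stmt->bindValue(":token_value", $token_value);
            $stmt->bindValue(":permissions", $permissions_json);
            $stmt->bindValue(":ip_restrictions", $ip_restrictions);
            $stmt->bindValue(":expires_at", $expires_at);

            if ($stmt->execute()) {
                return [
                    'success' => true,
                    'token' => $token_value,
                    'id' => $this->conn->lastInsertId()
                ];
            }
        } catch (PDOException $e) {
            error_log("Token creation error: " . $e->getMessage());
        }

        return $failure;
    }

    /**
     * Lists a user's active tokens, newest first.
     *
     * Each row gets 'permissions' decoded to an array ([] when decoding yields
     * null) and an added 'is_expired' flag.
     *
     * SECURITY: SELECT * means every row includes the clear-text token_value.
     * Callers that render or serialise these rows re-expose the credential on
     * each listing; strip or mask that field before output unless it is needed.
     *
     * @param mixed $user_id
     * @return array List of token rows; empty on database error.
     */
    public function getUserTokens($user_id) {
        try {
            $query = "SELECT * FROM {$this->table_tokens}
                WHERE user_id = :user_id AND is_active = TRUE
                ORDER BY created_at DESC";
            $stmt = $this->conn->prepare($query);
            $stmt->bindValue(":user_id", $user_id);
            $stmt->execute();

            $tokens = [];
            while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
                $row['permissions'] = json_decode($row['permissions'], true) ?? [];
                // A NULL expires_at means "never expires", so it is never flagged.
                $row['is_expired'] = $row['expires_at'] && strtotime($row['expires_at']) < time();
                $tokens[] = $row;
            }
            return $tokens;
        } catch (PDOException $e) {
            error_log("Get tokens error: " . $e->getMessage());
            return [];
        }
    }

    /**
     * Deactivates a token, but only when it belongs to the given user.
     *
     * The user_id condition is the ownership check that stops one user from
     * revoking another user's token. Note that the return value is execute()'s
     * result: it is true whenever the statement ran, including when no row
     * matched, so callers cannot tell "revoked" from "not found / not yours".
     *
     * @param mixed $token_id
     * @param mixed $user_id
     * @return bool False only on a database error.
     */
    public function revokeToken($token_id, $user_id) {
        try {
            $query = "UPDATE {$this->table_tokens} SET is_active = FALSE
                WHERE id = :token_id AND user_id = :user_id";
            $stmt = $this->conn->prepare($query);
            $stmt->bindValue(":token_id", $token_id);
            $stmt->bindValue(":user_id", $user_id);
            return $stmt->execute();
        } catch (PDOException $e) {
            error_log("Revoke token error: " . $e->getMessage());
            return false;
        }
    }

    /**
     * Returns the call count and average processing time for a user's tokens
     * over the last $hours hours.
     *
     * @param mixed      $user_id
     * @param int|string $hours Look-back window; cast to int before binding.
     * @return array ['total_calls' => ..., 'avg_response_time' => ...]; zeros on
     *               error or when there is nothing to average.
     */
    public function getRealtimeStats($user_id, $hours = 24) {
        $empty = ['total_calls' => 0, 'avg_response_time' => 0];

        try {
            $query = "SELECT
                COUNT(*) as total_calls,
                AVG(processing_time_ms) as avg_response_time
                FROM {$this->table_usage}
                WHERE user_id = :user_id
                AND created_at >= DATE_SUB(NOW(), INTERVAL :hours HOUR)";
            $stmt = $this->conn->prepare($query);
            $stmt->bindValue(":user_id", $user_id);
            // Bind the interval as an integer so it can never reach the server as
            // an arbitrary string inside the INTERVAL expression.
            $stmt->bindValue(":hours", (int) $hours, PDO::PARAM_INT);
            $stmt->execute();

            $row = $stmt->fetch(PDO::FETCH_ASSOC);
            if (!$row) {
                return $empty;
            }
            // AVG() over zero rows is NULL; report 0 like the fallback shape does.
            if ($row['avg_response_time'] === null) {
                $row['avg_response_time'] = 0;
            }
            return $row;
        } catch (PDOException $e) {
            error_log("Stats error: " . $e->getMessage());
            return $empty;
        }
    }
}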
?>