Rework logic in PdoSource

rougin · Nov 16, 2024 · e8c76db · e8c76db
1 parent d561111
commit e8c76db
Showing 1 changed file with 45 additions and 33 deletions.
diff --git a/src/Source/PdoSource.php b/src/Source/PdoSource.php
@@ -2,7 +2,6 @@
 
 namespace Rougin\Authsum\Source;
 
-use Rougin\Authsum\Error;
 use Rougin\Authsum\Source;
 
 /**
@@ -64,50 +63,23 @@ public function __construct(\PDO $pdo)
      */
     public function isValid()
     {
-        $username = $this->usernameField;
-
-        $table = $this->table;
-
-        $query = "SELECT * FROM $table WHERE $username = ?";
-
-        $error = new Error;
-
         try
         {
-            /** @var \PDOStatement */
-            $stmt = $this->pdo->prepare($query);
-
-            $stmt->execute(array($this->usernameValue));
-
-            /** @var array<string, string> */
-            $row = $stmt->fetch(\PDO::FETCH_ASSOC);
+            $row = $this->runQuery();
         }
         catch (\Exception $e)
         {
             return $this->setError($e->getMessage());
         }
 
-        $hash = $row[$this->passwordField];
-
-        $value = $this->passwordValue;
-
-        $samePass = password_verify($value, $hash);
+        $sameUser = $row[$this->usernameField] === $this->usernameValue;
 
-        if (! $this->withHash)
-        {
-            $samePass = $row[$this->passwordField] === $value;
-        }
-
-        $value = $this->usernameValue;
-
-        $sameUser = $row[$this->usernameField] === $value;
-
-        if ($sameUser && $samePass)
+        if (! $sameUser || ! $this->samePass($row))
         {
-            return $this->setResult();
+            return $this->setError();
         }
 
-        return $this->setError();
+        return $this->setResult();
     }
 
     /**
@@ -189,4 +161,44 @@ public function withoutHash()
 
         return $this;
     }
+
+    /**
+     * @return array<string, string>
+     * @throws \PDOException
+     */
+    protected function runQuery()
+    {
+        $username = $this->usernameField;
+
+        $table = $this->table;
+
+        $query = "SELECT * FROM $table WHERE $username = ?";
+
+        /** @var \PDOStatement */
+        $stmt = $this->pdo->prepare($query);
+
+        $stmt->execute(array($this->usernameValue));
+
+        /** @var array<string, string> */
+        return $stmt->fetch(\PDO::FETCH_ASSOC);
+    }
+
+    /**
+     * @param array<string, string> $row
+     *
+     * @return boolean
+     */
+    protected function samePass($row)
+    {
+        $hash = $row[$this->passwordField];
+
+        $same = password_verify($this->passwordValue, $hash);
+
+        if (! $this->withHash)
+        {
+            $same = $row[$this->passwordField] === $this->passwordValue;
+        }
+
+        return $same;
+    }
 }