1:   2:   3:   4:   5:   6:   7:   8:   9:  10:  11:  12:  13:  14:  15:  16:  17:  18:  19:  20:  21:  22:  23:  24:  25:  26:  27:  28:  29:  30:  31:  32:  33:  34:  35:  36:  37:  38:  39:  40:  41:  42:  43:  44:  45:  46:  47:  48:  49:  50:  51:  52:  53:  54:  55:  56:  57:  58:  59:  60:  61:  62:  63:  64:  65:  66:  67:  68:  69:  70:  71:  72:  73:  74:  75:  76:  77:  78:  79:  80:  81:  82:  83:  84:  85:  86:  87:  88:  89:  90:  91:  92:  93:  94:  95:  96:  97:  98:  99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 
<?php
namespace Omeka\Entity;

use DateTime;
use Zend\Crypt\Password\Bcrypt;
use Zend\Math\Rand;

/**
 * @Entity
 * @HasLifecycleCallbacks
 */
class ApiKey extends AbstractEntity
{
    /**
     * The length of the key identity and credential.
     *
     * If this changes the identity annotation must change as well.
     */
    const STRING_LENGTH = 32;

    /**
     * The allowed character list for the key identity and credential.
     */
    const STRING_CHARLIST = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890';

    /**
     * The key identity
     *
     * @Id
     * @Column(length=32)
     */
    protected $id;

    /**
     * @Column
     */
    protected $label;

    /**
     * The hashed key credential
     *
     * @Column(length=60)
     */
    protected $credentialHash;

    /**
     * @Column(type="ip_address", nullable=true)
     */
    protected $lastIp;

    /**
     * @Column(type="datetime", nullable=true)
     */
    protected $lastAccessed;

    /**
     * @Column(type="datetime")
     */
    protected $created;

    /**
     * The associated user
     *
     * @ManyToOne(targetEntity="User", inversedBy="keys", fetch="EAGER")
     * @JoinColumn(nullable=false)
     */
    protected $owner;

    /**
     * @PrePersist
     */
    public function prePersist()
    {
        if (null === $this->created) {
            // Set created datetime if not already set.
            $this->created = new DateTime;
        }
    }

    public function setId()
    {
        $this->id = $this->getString();
    }

    public function getId()
    {
        return $this->id;
    }

    public function setLabel($label)
    {
        $this->label = $label;
    }

    public function getLabel()
    {
        return $this->label;
    }

    /**
     * Set the key credential, storing it hashed.
     *
     * @return string The unencrypted credential. This will be the only
     * opportunity to obtain the unencrypted credential.
     */
    public function setCredential()
    {
        $credential = $this->getString();
        $bcrypt = new Bcrypt;
        $this->credentialHash = $bcrypt->create($credential);
        return $credential;
    }

    /**
     * Verify a key credential.
     *
     * @param string The credential to verify
     */
    public function verifyCredential($credential)
    {
        $bcrypt = new Bcrypt;
        return $bcrypt->verify($credential, $this->credentialHash);
    }

    public function setLastIp($lastIp)
    {
        $this->lastIp = $lastIp;
    }

    public function getLastIp()
    {
        return $this->lastIp;
    }

    public function setLastAccessed(DateTime $lastAccessed)
    {
        $this->lastAccessed = $lastAccessed;
    }

    public function getLastAccessed()
    {
        return $this->lastAccessed;
    }

    public function setCreated(DateTime $created)
    {
        $this->created = $created;
    }

    public function getCreated()
    {
        return $this->created;
    }

    public function setOwner(User $owner = null)
    {
        $this->owner = $owner;
    }

    public function getOwner()
    {
        return $this->owner;
    }

    protected function getString()
    {
        return Rand::getString(self::STRING_LENGTH, self::STRING_CHARLIST, true);
    }
}