services/ApiKeyService.php

<?php

namespace Grocy\Services;

class ApiKeyService extends BaseService
{
	const API_KEY_TYPE_DEFAULT = 'default';
	const API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL = 'special-purpose-calendar-ical';

	public function CreateApiKey(string $keyType = self::API_KEY_TYPE_DEFAULT, ?string $description = null)
	{
		$newApiKey = $this->GenerateApiKey();

		$apiKeyRow = $this->DB->api_keys()->createRow([
			'api_key' => $newApiKey,
			'user_id' => GROCY_USER_ID,
			'expires' => '2999-12-31 23:59:59', // Default is that API keys never expire
			'key_type' => $keyType,
			'description' => $description
		]);
		$apiKeyRow->save();

		return $newApiKey;
	}

	public function GetApiKeyId($apiKey)
	{
		$apiKey = $this->DB->api_keys()->where('api_key', $apiKey)->fetch();
		return $apiKey->id;
	}

	// Returns any valid key for $keyType,
	// not allowed for key type "default"
	public function GetOrCreateApiKey($keyType)
	{
		if ($keyType === self::API_KEY_TYPE_DEFAULT)
		{
			return null;
		}
		else
		{
			$apiKeyRow = $this->DB->api_keys()->where('key_type = :1 AND expires > :2', $keyType, date('Y-m-d H:i:s', time()))->fetch();

			if ($apiKeyRow !== null)
			{
				return $apiKeyRow->api_key;
			}
			else
			{
				return $this->CreateApiKey($keyType);
			}
		}
	}

	public function GetUserByApiKey($apiKey)
	{
		$apiKeyRow = $this->DB->api_keys()->where('api_key', $apiKey)->fetch();

		if ($apiKeyRow !== null)
		{
			return $this->DB->users($apiKeyRow->user_id);
		}

		return null;
	}

	public function IsValidApiKey($apiKey, $keyType = self::API_KEY_TYPE_DEFAULT)
	{
		if ($apiKey === null || empty($apiKey))
		{
			return false;
		}
		else
		{
			$apiKeyRow = $this->DB->api_keys()->where('api_key = :1 AND expires > :2 AND key_type = :3', $apiKey, date('Y-m-d H:i:s', time()), $keyType)->fetch();

			if ($apiKeyRow !== null)
			{
				// This should not change the database file modification time as this is used
				// to determine if REALLY something has changed
				$dbModTime = DatabaseService::GetInstance()->GetDbChangedTime();
				$apiKeyRow->update([
					'last_used' => date('Y-m-d H:i:s', time())
				]);
				DatabaseService::GetInstance()->SetDbChangedTime($dbModTime);

				return true;
			}
			else
			{
				return false;
			}
		}
	}

	public function RemoveApiKey($apiKey)
	{
		$this->DB->api_keys()->where('api_key', $apiKey)->delete();
	}

	private function GenerateApiKey()
	{
		return RandomString(50);
	}
}
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`<?php`

			`namespace Grocy\Services;`

			`class ApiKeyService extends BaseService`
			`{`
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`const API_KEY_TYPE_DEFAULT = 'default';`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`const API_KEY_TYPE_SPECIAL_PURPOSE_CALENDAR_ICAL = 'special-purpose-calendar-ical';`
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00
PHP 8.5 compatibility 2026-03-02 20:58:11 +01:00			`public function CreateApiKey(string $keyType = self::API_KEY_TYPE_DEFAULT, ?string $description = null)`
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`{`
			`$newApiKey = $this->GenerateApiKey();`
Convert services to singletons and use lazy loading to improve performance (#479 ) 2020-03-01 23:47:47 +07:00
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`$apiKeyRow = $this->DB->api_keys()->createRow([`
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`'api_key' => $newApiKey,`
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`'user_id' => GROCY_USER_ID,`
API keys can now have a description 2023-05-23 20:31:51 +02:00			`'expires' => '2999-12-31 23:59:59', // Default is that API keys never expire`
			`'key_type' => $keyType,`
			`'description' => $description`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`]);`
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`$apiKeyRow->save();`

			`return $newApiKey;`
			`}`

			`public function GetApiKeyId($apiKey)`
			`{`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`$apiKey = $this->DB->api_keys()->where('api_key', $apiKey)->fetch();`
Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`return $apiKey->id;`
			`}`

Applied PHP-CS-Fixer rules 2020-09-01 21:29:47 +02:00			`// Returns any valid key for $keyType,`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`// not allowed for key type "default"`
			`public function GetOrCreateApiKey($keyType)`
			`{`
			`if ($keyType === self::API_KEY_TYPE_DEFAULT)`
			`{`
			`return null;`
			`}`
			`else`
			`{`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`$apiKeyRow = $this->DB->api_keys()->where('key_type = :1 AND expires > :2', $keyType, date('Y-m-d H:i:s', time()))->fetch();`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00
			`if ($apiKeyRow !== null)`
			`{`
			`return $apiKeyRow->api_key;`
			`}`
			`else`
			`{`
			`return $this->CreateApiKey($keyType);`
			`}`
			`}`
			`}`

Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`public function GetUserByApiKey($apiKey)`
			`{`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`$apiKeyRow = $this->DB->api_keys()->where('api_key', $apiKey)->fetch();`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`if ($apiKeyRow !== null)`
			`{`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`return $this->DB->users($apiKeyRow->user_id);`
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`}`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00
Optimize and refactor latest changes 2018-07-25 19:28:15 +02:00			`return null;`
			`}`

Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`public function IsValidApiKey($apiKey, $keyType = self::API_KEY_TYPE_DEFAULT)`
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`{`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`if ($apiKey === null \|\| empty($apiKey))`
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`{`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`return false;`
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`}`
			`else`
			`{`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`$apiKeyRow = $this->DB->api_keys()->where('api_key = :1 AND expires > :2 AND key_type = :3', $apiKey, date('Y-m-d H:i:s', time()), $keyType)->fetch();`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`if ($apiKeyRow !== null)`
			`{`
Applied PHP-CS-Fixer rules 2020-09-01 21:29:47 +02:00			`// This should not change the database file modification time as this is used`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`// to determine if REALLY something has changed`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`$dbModTime = DatabaseService::GetInstance()->GetDbChangedTime();`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`$apiKeyRow->update([`
			`'last_used' => date('Y-m-d H:i:s', time())`
			`]);`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`DatabaseService::GetInstance()->SetDbChangedTime($dbModTime);`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00
			`return true;`
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`}`
			`else`
			`{`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`return false;`
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`}`
			`}`
Applied PHP formatting rules 2020-08-31 20:40:31 +02:00			`}`

			`public function RemoveApiKey($apiKey)`
			`{`
Optimized controller / services structure 2026-04-20 22:46:47 +02:00			`$this->DB->api_keys()->where('api_key', $apiKey)->delete();`
Added possibility to export the calendar in iCal format (closes #141 ) 2019-03-04 17:44:48 +01:00			`}`

Finish API documentation and token auth (references #5 ) 2018-04-21 19:18:00 +02:00			`private function GenerateApiKey()`
			`{`
			`return RandomString(50);`
			`}`
			`}`