Build the user context based on hashed token

api/businesslogic/security/UserContextBuilder.php

@@ -3,10 +3,12 @@
 namespace BusinessLogic\Security;
 
 
+use DataAccess\Security\UserDao;
+
 class UserContextBuilder {
     static function buildUserContext($authToken, $hesk_settings) {
-        //$userForToken = gateway.getUserForToken($authToken);
-
+        $hashedToken = hash('sha512', $authToken);
+        return UserDao::getUserForAuthToken($hashedToken, $hesk_settings);
     }
 
     /**
@@ -14,7 +16,7 @@ class UserContextBuilder {
      * @param $dataRow array the $_SESSION superglobal or the hesk_users result set
      * @return UserContext the built user context
      */
-    static function fromSession($dataRow) {
+    static function fromDataRow($dataRow) {
         require_once(__DIR__ . '/UserContext.php');
         require_once(__DIR__ . '/UserContextPreferences.php');
         require_once(__DIR__ . '/UserContextNotifications.php');

api/dao/UserDao.php

@@ -0,0 +1,34 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: user
+ * Date: 1/21/17
+ * Time: 4:23 PM
+ */
+
+namespace DataAccess\Security;
+
+
+use BusinessLogic\Security\UserContextBuilder;
+use Exception;
+
+class UserDao {
+    static function getUserForAuthToken($hashedToken, $hesk_settings) {
+        require_once(__DIR__ . '/../businesslogic/security/UserContextBuilder.php');
+
+        if (!function_exists('hesk_dbConnect')) {
+            throw new Exception('Database not loaded!');
+        }
+        hesk_dbConnect();
+
+        $rs = hesk_dbQuery('SELECT * FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'users` WHERE `id` = (
+                SELECT ``
+                FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . 'user_api_tokens`
+                WHERE `token` = ' . hesk_dbEscape($hashedToken) . '
+            )');
+
+        $row = hesk_dbFetchAssoc($rs);
+
+        return UserContextBuilder::fromDataRow($row);
+    }
+}