refactor: migrate pest config and improve code quality for CI compliance

app/predefine.php

@@ -3,7 +3,7 @@
 declare(strict_types=1);
 
 // Global constants
-if (!defined('BASE_PATH')) {
+if (! defined('BASE_PATH')) {
     define('BASE_PATH', __DIR__ . '/..');
 }
 const VERSION = '25.1.0';

db/migrations/2025073100-refactor_mfa.php

@@ -53,4 +53,4 @@ return new class() implements MigrationInterface {
 
         return 2024061600;
     }
-};
+};

src/Controllers/AuthController.php

@@ -105,7 +105,7 @@ final class AuthController extends BaseController
                 ->withJson([
                     'ret' => 1,
                     'msg' => '请完成二步认证',
-            ]);
+                ]);
         }
 
         $time = $rememberMe ? 86400 * ($_ENV['rememberMeDuration'] ?? 7) : 3600; // Cookie 过期时间
@@ -388,14 +388,14 @@ final class AuthController extends BaseController
 
     public function webauthnRequest(ServerRequest $request, Response $response, $next): ResponseInterface
     {
-        return $response->withJson(WebAuthn::AssertRequest());
+        return $response->withJson(WebAuthn::assertRequest());
     }
 
     public function webauthnHandle(ServerRequest $request, Response $response, $next): ResponseInterface
     {
         $data = $this->antiXss->xss_clean((array) $request->getParsedBody());
         $redir = $this->antiXss->xss_clean(Cookie::get('redir')) ?? '/user';
-        $result = WebAuthn::AssertHandle($data);
+        $result = WebAuthn::assertHandle($data);
         if ($result['ret'] === 1) {
             $user = $result['user'];
             if ($user === null) {
@@ -433,7 +433,7 @@ final class AuthController extends BaseController
         if ($user === null) {
             return $response->withJson(['ret' => 0, 'msg' => '用户不存在'])->withHeader('HX-Redirect', '/auth/login');
         }
-        $result = TOTP::AssertHandle($user, $code);
+        $result = TOTP::assertHandle($user, $code);
         if ($result['ret'] === 1) {
             $redis->del('mfa_login_' . session_id());
             $rememberMe = $login_session['remember_me'];
@@ -462,7 +462,7 @@ final class AuthController extends BaseController
         if ($user === null) {
             return $response->withJson(['ret' => 0, 'msg' => '用户不存在'])->withHeader('HX-Redirect', '/auth/login');
         }
-        return $response->withJson(FIDO::AssertRequest($user));
+        return $response->withJson(FIDO::assertRequest($user));
     }
 
     public function fidoHandle(ServerRequest $request, Response $response, $next): ResponseInterface
@@ -478,7 +478,7 @@ final class AuthController extends BaseController
         if ($user === null) {
             return $response->withJson(['ret' => 0, 'msg' => '用户不存在'])->withHeader('HX-Redirect', '/auth/login');
         }
-        $result = FIDO::AssertHandle($user, $data);
+        $result = FIDO::assertHandle($user, $data);
         if ($result['ret'] === 1) {
             $redis->del('mfa_login_' . session_id());
             $rememberMe = $login_session['remember_me'];

src/Controllers/User/InfoController.php

@@ -34,18 +34,19 @@ final class InfoController extends BaseController
     {
         $themes = Tools::getDir(BASE_PATH . '/resources/views');
         $methods = Tools::getSsMethod();
-        $webauthnDevices = array_map(fn($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'passkey')->get()->toArray());
-        $totpDevices = array_map(fn($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'totp')->get()->toArray());
-        $fidoDevices = array_map(fn($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'fido')->get()->toArray());
-
-        return $response->write($this->view()
-            ->assign('user', $this->user)
-            ->assign('themes', $themes)
-            ->assign('methods', $methods)
-            ->assign('webauthnDevices', $webauthnDevices)
-            ->assign('totpDevices', $totpDevices)
-            ->assign('fidoDevices', $fidoDevices)
-            ->fetch('user/edit.tpl')
+        $webauthnDevices = array_map(static fn ($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'passkey')->get()->toArray());
+        $totpDevices = array_map(static fn ($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'totp')->get()->toArray());
+        $fidoDevices = array_map(static fn ($item) => (object) $item, (new MFADevice())->where('userid', $this->user->id)->where('type', 'fido')->get()->toArray());
+
+        return $response->write(
+            $this->view()
+                ->assign('user', $this->user)
+                ->assign('themes', $themes)
+                ->assign('methods', $methods)
+                ->assign('webauthnDevices', $webauthnDevices)
+                ->assign('totpDevices', $totpDevices)
+                ->assign('fidoDevices', $fidoDevices)
+                ->fetch('user/edit.tpl')
         );
     }
 

src/Controllers/User/MFAController.php

@@ -21,13 +21,13 @@ final class MFAController extends BaseController
 {
     public function webauthnRegisterRequest(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
-        return $response->withJson(WebAuthn::RegisterRequest($this->user));
+        return $response->withJson(WebAuthn::registerRequest($this->user));
     }
 
     public function webauthnRegisterHandle(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
         try {
-            return $response->withJson(WebAuthn::RegisterHandle($this->user, $this->antiXss->xss_clean($request)));
+            return $response->withJson(WebAuthn::registerHandle($this->user, $this->antiXss->xss_clean($request)));
         } catch (Exception $e) {
             return $response->withJson(['ret' => 0, 'msg' => '请求失败: ' . $e->getMessage()]);
         }
@@ -55,13 +55,13 @@ final class MFAController extends BaseController
 
     public function totpRegisterRequest(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
-        return $response->withJson(TOTP::RegisterRequest($this->user));
+        return $response->withJson(TOTP::registerRequest($this->user));
     }
 
     public function totpRegisterHandle(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
         try {
-            return $response->withJson(TOTP::RegisterHandle($this->user, $this->antiXss->xss_clean($request->getParam('code', ''))));
+            return $response->withJson(TOTP::registerHandle($this->user, $this->antiXss->xss_clean($request->getParam('code', ''))));
         } catch (Exception $e) {
             return $response->withJson(['ret' => 0, 'msg' => '请求失败: ' . $e->getMessage()]);
         }
@@ -88,13 +88,13 @@ final class MFAController extends BaseController
 
     public function fidoRegisterRequest(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
-        return $response->withJson(FIDO::RegisterRequest($this->user));
+        return $response->withJson(FIDO::registerRequest($this->user));
     }
 
     public function fidoRegisterHandle(ServerRequest $request, Response $response, array $args): ResponseInterface
     {
         try {
-            return $response->withJson(FIDO::RegisterHandle($this->user, $this->antiXss->xss_clean($request->getParsedBody())));
+            return $response->withJson(FIDO::registerHandle($this->user, $this->antiXss->xss_clean($request->getParsedBody())));
         } catch (Exception $e) {
             return $response->withJson(['ret' => 0, 'msg' => '请求失败: ' . $e->getMessage()]);
         }

src/Models/MFADevice.php

@@ -22,4 +22,4 @@ final class MFADevice extends Model
 {
     protected $connection = 'default';
     protected $table = 'mfa_devices';
-}
+}

src/Models/User.php

@@ -332,8 +332,7 @@ final class User extends Model
         $hasTotp = $totp !== null;
         if (! $hasFido && ! $hasTotp) {
             return ['require' => false];
-        } else {
-            return ['require' => true, 'fido' => $hasFido, 'totp' => $hasTotp];
         }
+        return ['require' => true, 'fido' => $hasFido, 'totp' => $hasTotp];
     }
 }

src/Services/Cache.php

@@ -14,9 +14,9 @@ final class Cache
         $redis = new Redis();
         $redis->connect($config['host'], $config['port'], $config['connectTimeout']);
         // 认证
-        if (! empty($config['auth']['user']) && ! empty($config['auth']['pass'])) {
+        if (($config['auth']['user'] ?? '') !== '' && ($config['auth']['pass'] ?? '') !== '') {
             $redis->auth([$config['auth']['user'], $config['auth']['pass']]);
-        } elseif (! empty($config['auth']['pass'])) {
+        } elseif (($config['auth']['pass'] ?? '') !== '') {
             $redis->auth($config['auth']['pass']);
         }
         // 选择数据库

src/Services/MFA/FIDO.php

@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 namespace App\Services\MFA;
 
 use App\Models\MFADevice;
@@ -16,10 +18,9 @@ use Webauthn\PublicKeyCredentialDescriptor;
 use Webauthn\PublicKeyCredentialRequestOptions;
 use Webauthn\PublicKeyCredentialSource;
 
-class FIDO
+final class FIDO
 {
-
-    public static function RegisterRequest(User $user): array
+    public static function registerRequest(User $user): array
     {
         $rpEntity = WebAuthn::generateRPEntity();
         $userEntity = WebAuthn::generateUserEntity($user);
@@ -41,7 +42,7 @@ class FIDO
         return json_decode($jsonObject, true);
     }
 
-    public static function RegisterHandle(User $user, array $data): array
+    public static function registerHandle(User $user, array $data): array
     {
         $serializer = WebAuthn::getSerializer();
         try {
@@ -88,7 +89,7 @@ class FIDO
         return ['ret' => 1, 'msg' => '注册成功'];
     }
 
-    public static function AssertRequest(User $user): array
+    public static function assertRequest(User $user): array
     {
         try {
             $serializer = WebAuthn::getSerializer();
@@ -122,7 +123,7 @@ class FIDO
         }
     }
 
-    public static function AssertHandle(?User $user, array $data): array
+    public static function assertHandle(?User $user, array $data): array
     {
         $serializer = WebAuthn::getSerializer();
         $publicKeyCredential = $serializer->deserialize(json_encode($data), PublicKeyCredential::class, 'json');
@@ -162,4 +163,4 @@ class FIDO
         $redis->del('fido_assertion_' . session_id());
         return ['ret' => 1, 'msg' => '验证成功', 'userid' => $user->id];
     }
-}
+}

src/Services/MFA/TOTP.php

@@ -21,7 +21,7 @@ final class TOTP
         return $ga->createSecret(32);
     }
 
-    public static function RegisterRequest(User $user): array
+    public static function registerRequest(User $user): array
     {
         try {
             $TOTPDevice = (new MFADevice())->where('userid', $user->id)
@@ -56,7 +56,7 @@ final class TOTP
         return 'otpauth://totp/' . rawurlencode($_ENV['appName']) . ':' . rawurlencode($user->email) . '?secret=' . $token . '&issuer=' . rawurlencode($_ENV['appName']);
     }
 
-    public static function RegisterHandle(User $user, string $code): array
+    public static function registerHandle(User $user, string $code): array
     {
         $redis = (new Cache())->initRedis();
         $token = $redis->get('totp_register_' . session_id());
@@ -79,7 +79,7 @@ final class TOTP
         return ['ret' => 1, 'msg' => '注册成功'];
     }
 
-    public static function AssertHandle(User $user, string $code): array
+    public static function assertHandle(User $user, string $code): array
     {
         try {
             $TOTPDevice = (new MFADevice())->where('userid', $user->id)

src/Services/MFA/WebAuthn.php

@@ -1,5 +1,7 @@
 <?php
 
+declare(strict_types=1);
+
 namespace App\Services\MFA;
 
 use App\Models\MFADevice;
@@ -35,11 +37,11 @@ use Webauthn\PublicKeyCredentialRpEntity;
 use Webauthn\PublicKeyCredentialSource;
 use Webauthn\PublicKeyCredentialUserEntity;
 
-class WebAuthn
+final class WebAuthn
 {
     public static int $timeout = 30_000;
 
-    public static function RegisterRequest(User $user): array
+    public static function registerRequest(User $user): array
     {
         $redis = (new Cache())->initRedis();
         try {
@@ -113,7 +115,7 @@ class WebAuthn
         return $factory->create();
     }
 
-    public static function AssertRequest(): array
+    public static function assertRequest(): array
     {
         try {
             $publicKeyCredentialRequestOptions = self::getPublicKeyCredentialRequestOptions();
@@ -140,7 +142,7 @@ class WebAuthn
         );
     }
 
-    public static function AssertHandle(array $data): array
+    public static function assertHandle(array $data): array
     {
         $serializer = self::getSerializer();
         $publicKeyCredential = $serializer->deserialize(json_encode($data), PublicKeyCredential::class, 'json');
@@ -160,7 +162,6 @@ class WebAuthn
         }
         $redis = (new Cache())->initRedis();
         try {
-
             $publicKeyCredentialRequestOptions = $serializer->deserialize(
                 $redis->get('webauthn_assertion_' . session_id()),
                 PublicKeyCredentialRequestOptions::class,
@@ -194,7 +195,7 @@ class WebAuthn
         );
     }
 
-    public static function RegisterHandle(User $user, array $data): array
+    public static function registerHandle(User $user, array $data): array
     {
         try {
             $serializer = self::getSerializer();
@@ -254,4 +255,4 @@ class WebAuthn
             ceremonyStepManager: $creationCSM
         );
     }
-}
+}

pest.php → tests/Pest.php

@@ -1,13 +1,15 @@
 <?php
 
+declare(strict_types=1);
+
 /**
  * Pest PHP configuration file
- * 
+ *
  * This file is loaded before each test run
  */
 
-use Tests\TestCase;
 use Tests\SlimTestCase;
+use Tests\TestCase;
 
 // Base test case for all tests
 uses(TestCase::class)->in('Unit');
@@ -18,11 +20,11 @@ function resetEnv(): void
 {
     // Store original ENV values
     static $originalEnv = null;
-    
+
     if ($originalEnv === null) {
         $originalEnv = $_ENV;
     }
-    
+
     // Reset to original
     $_ENV = $originalEnv;
 }
@@ -74,4 +76,4 @@ dataset('node_types', [
     ['shadowsocks_relay', 11],
     ['vmess', 1],
     ['trojan', 2],
-]);
+]);