From cf146973f20d0f3d2d7e5b7d783561a0790ac424 Mon Sep 17 00:00:00 2001
From: essae <essae.wizdom.ca>
Date: Sat, 24 May 2025 17:21:52 -0400
Subject: [PATCH] feat(unsubscribe): secure token-based unsubscribe flow with
 flexible services

- Created TokenService for generic HMAC token generation and validation
- Created UnsubscribeTokenService to wrap TokenService with email+timestamp logic and TTL
- Updated UnsubscribeController to require valid signed tokens for GET /unsubscribe
- Token is generated using email + ts + shared secret, validated against TTL (default 24h)
- Confirm view now inaccessible unless accessed via system-generated link
- Deprecated static helper in favor of service architecture
---
 app/Controllers/VerificationController.php    |  4 +-
 app/Services/TokenService.php                 | 48 +++++++++++++++++
 app/Services/UnsubscribeTokenService.php      | 51 +++++++++++++++++++
 app/Utilities/UnsubscribeTokenHelper.php      | 45 ++++++++++++++++
 resources/views/layouts/arsha.php             |  4 +-
 resources/views/layouts/header.php            |  4 +-
 resources/views/pages/404.php                 | 35 +++++++++++++
 resources/views/pages/unsubscribe_confirm.php | 51 ++++++++++++-------
 resources/views/pages/unsubscribe_failed.php  | 25 +++++++--
 resources/views/pages/unsubscribe_success.php | 35 +++++++++----
 resources/views/pages/verify_failed.php       | 23 ++++-----
 resources/views/pages/verify_success.php      | 12 ++---
 12 files changed, 280 insertions(+), 57 deletions(-)
 create mode 100644 app/Services/TokenService.php
 create mode 100644 app/Services/UnsubscribeTokenService.php
 create mode 100644 app/Utilities/UnsubscribeTokenHelper.php
 create mode 100644 resources/views/pages/404.php

diff --git a/app/Controllers/VerificationController.php b/app/Controllers/VerificationController.php
index 9bf13d0..87bc281 100644
--- a/app/Controllers/VerificationController.php
+++ b/app/Controllers/VerificationController.php
@@ -1,7 +1,7 @@
 <?php
 /**
  * File: VerificationController.php
- * Version: 1.10
+ * Version: 1.11
  * Path: /app/Controllers/VerificationController.php
  * Purpose: Handles email verification for newsletter and contact messages, including code expiration and attempt logging.
  *          Now wired to use EmailService for all post-verification messaging, including unified contact+newsletter handling.
@@ -114,7 +114,7 @@ public function verify(string $code): void
         }
 
         // Mark the submission as verified
-        $update = $db->prepare("UPDATE $table SET is_verified = 1, verification_code = NULL WHERE id = ?");
+        $update = $db->prepare("UPDATE $table SET is_verified = 1 WHERE id = ?");
         $update->execute([$subscriber['id']]);
 
         Logger::info("Subscriber verified: ID {$subscriber['id']} via $type");
diff --git a/app/Services/TokenService.php b/app/Services/TokenService.php
new file mode 100644
index 0000000..80fda19
--- /dev/null
+++ b/app/Services/TokenService.php
@@ -0,0 +1,48 @@
+<?php
+/**
+ * File: TokenService.php
+ * Version: 1.0
+ * Path: app/Services/
+ * Purpose: Provides generic token generation and validation using HMAC.
+ */
+
+namespace WizdomNetworks\WizeWeb\Services;
+
+class TokenService
+{
+    /**
+     * Generate an HMAC token from a string payload.
+     *
+     * @param string $data     The string to sign (e.g. email+timestamp).
+     * @param string $secret   Secret key.
+     * @return string          HMAC token.
+     */
+    public function generate(string $data, string $secret): string
+    {
+        return hash_hmac('sha256', $data, $secret);
+    }
+
+    /**
+     * Validate a token against expected data, with optional TTL enforcement.
+     *
+     * @param string $data     Original payload used to generate token.
+     * @param string $token    Supplied token.
+     * @param string $secret   Secret key used to validate.
+     * @param int|null $timestamp Unix timestamp used in original payload.
+     * @param int $ttlSeconds  Time-to-live in seconds (default 86400 = 1 day).
+     * @return bool
+     */
+    public function isValid(string $data, string $token, string $secret, ?int $timestamp = null, int $ttlSeconds = 86400): bool
+    {
+        $expected = $this->generate($data, $secret);
+        if (!hash_equals($expected, $token)) {
+            return false;
+        }
+
+        if ($timestamp !== null && abs(time() - $timestamp) > $ttlSeconds) {
+            return false;
+        }
+
+        return true;
+    }
+}
diff --git a/app/Services/UnsubscribeTokenService.php b/app/Services/UnsubscribeTokenService.php
new file mode 100644
index 0000000..1242c43
--- /dev/null
+++ b/app/Services/UnsubscribeTokenService.php
@@ -0,0 +1,51 @@
+<?php
+/**
+ * File: UnsubscribeTokenService.php
+ * Version: 1.0
+ * Path: app/Services/
+ * Purpose: Wrapper for generating and validating unsubscribe tokens using TokenService.
+ */
+
+namespace WizdomNetworks\WizeWeb\Services;
+
+use WizdomNetworks\WizeWeb\Services\TokenService;
+
+class UnsubscribeTokenService
+{
+    private TokenService $tokenService;
+    private string $secret;
+    private int $ttl;
+
+    public function __construct(TokenService $tokenService)
+    {
+        $this->tokenService = $tokenService;
+        $this->secret = $_ENV['UNSUBSCRIBE_SECRET'] ?? 'changeme';
+        $this->ttl = 86400; // default: 24 hours
+    }
+
+    /**
+     * Create an unsubscribe token.
+     *
+     * @param string $email
+     * @param int $timestamp
+     * @return string
+     */
+    public function generate(string $email, int $timestamp): string
+    {
+        return $this->tokenService->generate($email . $timestamp, $this->secret);
+    }
+
+    /**
+     * Validate an unsubscribe token.
+     *
+     * @param string $email
+     * @param int $timestamp
+     * @param string $token
+     * @return bool
+     */
+    public function isValid(string $email, int $timestamp, string $token): bool
+    {
+        $data = $email . $timestamp;
+        return $this->tokenService->isValid($data, $token, $this->secret, $timestamp, $this->ttl);
+    }
+}
diff --git a/app/Utilities/UnsubscribeTokenHelper.php b/app/Utilities/UnsubscribeTokenHelper.php
new file mode 100644
index 0000000..aea0f0d
--- /dev/null
+++ b/app/Utilities/UnsubscribeTokenHelper.php
@@ -0,0 +1,45 @@
+<?php
+/**
+ * File: UnsubscribeTokenHelper.php
+ * Version: 1.0
+ * Path: app/Utilities/
+ * Purpose: Provides secure token generation and validation for unsubscribe links.
+ */
+
+namespace WizdomNetworks\WizeWeb\Utilities;
+
+class UnsubscribeTokenHelper
+{
+    /**
+     * Generate a secure token for an email + timestamp
+     *
+     * @param string $email
+     * @param int $timestamp
+     * @return string
+     */
+    public static function generate(string $email, int $timestamp): string
+    {
+        $secret = $_ENV['UNSUBSCRIBE_SECRET'] ?? 'changeme';
+        return hash_hmac('sha256', $email . $timestamp, $secret);
+    }
+
+    /**
+     * Validate a token with an expiration window (default 24h)
+     *
+     * @param string $email
+     * @param int $timestamp
+     * @param string $token
+     * @param int $validForSeconds
+     * @return bool
+     */
+    public static function isValid(string $email, int $timestamp, string $token, int $validForSeconds = 86400): bool
+    {
+        $expected = self::generate($email, $timestamp);
+        if (!hash_equals($expected, $token)) {
+            return false;
+        }
+
+        // Check timestamp freshness
+        return abs(time() - $timestamp) <= $validForSeconds;
+    }
+}
diff --git a/resources/views/layouts/arsha.php b/resources/views/layouts/arsha.php
index 7c14f82..e01f9b0 100644
--- a/resources/views/layouts/arsha.php
+++ b/resources/views/layouts/arsha.php
@@ -16,7 +16,9 @@
   <!-- Preloader -->
   <div id="preloader"></div>
 
-  <?php include __DIR__ . '/header.php'; ?>
+    <!-- Header -->
+      <?php include __DIR__ . '/header.php'; ?>
+
 
   <!-- Page Content -->
   <?= $content ?>
diff --git a/resources/views/layouts/header.php b/resources/views/layouts/header.php
index 1422657..7532715 100644
--- a/resources/views/layouts/header.php
+++ b/resources/views/layouts/header.php
@@ -8,8 +8,10 @@
 
 <!-- insert actual nav here -->
 <?php  
-	use WizdomNetworks\WizeWeb\Core\View;
+use WizdomNetworks\WizeWeb\Core\View;
+if (empty($hideNavbar) || $hideNavbar !== true){
 	View::renderPartial('navbar');
+}
 ?>
 <!-- end nav -->
 </div>
diff --git a/resources/views/pages/404.php b/resources/views/pages/404.php
new file mode 100644
index 0000000..6d75e95
--- /dev/null
+++ b/resources/views/pages/404.php
@@ -0,0 +1,35 @@
+<?php
+// File: 404.php
+// Version: 1.0
+// Purpose: Custom 404 error page with Wizdom branding.
+
+use WizdomNetworks\WizeWeb\Core\View;
+
+ob_start();
+?>
+
+<section class="verify-section section pt-5" style="padding-top: 7rem;">
+  <div class="container text-center">
+    <div class="icon mb-4" style="padding-top: 3rem;">
+      <i class="bi bi-question-circle text-warning" style="font-size: 4rem;"></i>
+    </div>
+    <h2 class="mb-3">Oops... This page got lost in the cloud</h2>
+    <p class="lead">
+      The page you’re looking for doesn’t exist or may have been moved.<br>
+      But hey, we’re Wizdom Networks — we can find anything. Almost.
+    </p>
+
+    <div class="my-4">
+      <img src="/assets/img/lost-in-the-cloud.webp" alt="404 - Not Found" class="img-fluid rounded shadow" style="max-width: 400px;">
+    </div>
+
+    <div class="mt-5 text-center">
+      <a href="/" class="btn btn-outline-primary">Return to Home</a>
+    </div>
+  </div>
+</section>
+
+<?php
+$html = ob_get_clean();
+View::render('layouts/arsha', ['content' => $html, 'hideNavbar' => true]);
+?>
diff --git a/resources/views/pages/unsubscribe_confirm.php b/resources/views/pages/unsubscribe_confirm.php
index 5781008..34450a7 100644
--- a/resources/views/pages/unsubscribe_confirm.php
+++ b/resources/views/pages/unsubscribe_confirm.php
@@ -1,29 +1,42 @@
-<section class="newsletter-action section pt-5">
+<?php
+// File: unsubscribe_confirm.php
+// Version: 2.0
+// Purpose: Asks user to confirm they want to unsubscribe before processing.
+
+use WizdomNetworks\WizeWeb\Core\View;
+
+ob_start();
+?>
+
+<section class="verify-section section pt-5" style="padding-top: 7rem;">
   <div class="container text-center">
-    <div class="icon mb-4">
-      <i class="bi bi-envelope-x text-warning" style="font-size: 4rem;"></i>
+    <div class="icon mb-4" style="padding-top: 3rem;">
+      <i class="bi bi-check-circle text-success" style="font-size: 4rem;"></i>
     </div>
-    <h2 class="mb-3">Unsubscribe from “Words of Wizdom”</h2>
-    <p class="lead">We’re sorry to see you go. If you’d like to stop receiving our emails, confirm below.</p>
+    <h2 class="mb-3">Are you sure you want to unsubscribe?</h2>
+    <p class="lead">
+  We'll miss you! If you'd still like to stop receiving emails from us, confirm below.
+</p>
 
     <div class="my-4">
-      <img src="/assets/img/newsletter-thanks.webp" alt="Unsubscribe" class="img-fluid rounded shadow" style="max-width: 400px;">
+      <img src="/assets/img/unsubscribed.webp" alt="Unsubscribed" class="img-fluid rounded shadow" style="max-width: 400px;">
     </div>
 
-    <form action="/unsubscribe" method="post" class="row justify-content-center mt-3" style="max-width: 600px; margin: 0 auto;">
-      <input type="hidden" name="email" value="<?= htmlspecialchars($email) ?>">
+    <form action="/unsubscribe" method="post" class="row justify-content-center mt-4">
+  <input type="hidden" name="email" value="<?= htmlspecialchars($email ?? '') ?>">
 
-      <div class="col-12 mb-3">
-        <textarea name="unsubscribe_reason" class="form-control" rows="3" placeholder="Optional: Let us know why you’re leaving"></textarea>
-      </div>
+  <div class="col-12 mb-3">
+    <textarea name="unsubscribe_reason" rows="3" class="form-control" placeholder="Optional: Let us know why you're unsubscribing..."></textarea>
+  </div>
 
-      <div class="col-12">
-        <button type="submit" class="btn btn-danger">Unsubscribe Me</button>
-      </div>
-    </form>
-
-    <div class="mt-4">
-      <a href="/" class="btn btn-outline-secondary">Never mind — take me back</a>
-    </div>
+  <div class="col-12 text-center">
+    <button type="submit" class="btn btn-danger">Confirm Unsubscribe</button>
+  </div>
+</form>
   </div>
 </section>
+
+<?php
+$html = ob_get_clean();
+View::render('layouts/arsha', ['content' => $html, 'hideNavbar' => true]);
+?>
diff --git a/resources/views/pages/unsubscribe_failed.php b/resources/views/pages/unsubscribe_failed.php
index b462300..6afb044 100644
--- a/resources/views/pages/unsubscribe_failed.php
+++ b/resources/views/pages/unsubscribe_failed.php
@@ -1,17 +1,34 @@
-<section class="newsletter-action section pt-5">
+<?php
+// File: unsubscribe_failed.php
+// Version: 1.0
+// Purpose: Displays error message if an unsubscribe request fails or is invalid.
+
+use WizdomNetworks\WizeWeb\Core\View;
+
+ob_start();
+?>
+
+<section class="verify-section section pt-5" style="padding-top: 7rem;">
   <div class="container text-center">
-    <div class="icon mb-4">
+    <div class="icon mb-4" style="padding-top: 3rem;">
       <i class="bi bi-x-circle text-danger" style="font-size: 4rem;"></i>
     </div>
     <h2 class="mb-3">Unsubscribe Failed</h2>
-    <p class="lead"><?= htmlspecialchars($reason) ?></p>
+    <p class="lead">
+      <?= htmlspecialchars($reason ?? 'We were unable to process your unsubscribe request.') ?>
+    </p>
 
     <div class="my-4">
       <img src="/assets/img/newsletter-thanks.webp" alt="Error" class="img-fluid rounded shadow" style="max-width: 400px;">
     </div>
 
-    <div class="mt-4">
+    <div class="mt-4 text-center">
       <a href="/" class="btn btn-outline-primary">Return to Home</a>
     </div>
   </div>
 </section>
+
+<?php
+$html = ob_get_clean();
+View::render('layouts/arsha', ['content' => $html, 'hideNavbar' => true]);
+?>
diff --git a/resources/views/pages/unsubscribe_success.php b/resources/views/pages/unsubscribe_success.php
index 53f87fd..793bcb1 100644
--- a/resources/views/pages/unsubscribe_success.php
+++ b/resources/views/pages/unsubscribe_success.php
@@ -1,22 +1,35 @@
-<section class="newsletter-action section pt-5">
+<?php
+// File: unsubscribe_success.php
+// Version: 1.1
+// Purpose: Confirmation message shown after a successful unsubscribe (used as success view).
+
+use WizdomNetworks\WizeWeb\Core\View;
+
+ob_start();
+?>
+
+<section class="verify-section section pt-5" style="padding-top: 7rem;">
   <div class="container text-center">
-    <div class="icon mb-4">
+    <div class="icon mb-4" style="padding-top: 3rem;">
       <i class="bi bi-check-circle text-success" style="font-size: 4rem;"></i>
     </div>
-    <h2 class="mb-3">You’ve Been Unsubscribed</h2>
+    <h2 class="mb-3">Unsubscribe Successful</h2>
     <p class="lead">
-      We’ve removed <strong><?= htmlspecialchars($email) ?></strong> from our mailing list.
-      <?php if (!empty($alreadyUnsubscribed)): ?>
-        (You were already unsubscribed.)
-      <?php endif; ?>
-    </p>
+  You've successfully been removed from our mailing list.<br>
+  If this was a mistake, you can re-subscribe anytime.
+</p>
 
     <div class="my-4">
-      <img src="/assets/img/newsletter-thanks.webp" alt="Unsubscribed" class="img-fluid rounded shadow" style="max-width: 400px;">
+      <img src="/assets/img/unsubscribed.webp" alt="Unsubscribed" class="img-fluid rounded shadow" style="max-width: 400px;">
     </div>
 
-    <div class="mt-4">
-      <a href="/" class="btn btn-primary">Return to Home</a>
+    <div class="mt-5 text-center">
+      <a href="/" class="btn btn-outline-primary">Return to Home</a>
     </div>
   </div>
 </section>
+
+<?php
+$html = ob_get_clean();
+View::render('layouts/arsha', ['content' => $html, 'hideNavbar' => true]);
+?>
diff --git a/resources/views/pages/verify_failed.php b/resources/views/pages/verify_failed.php
index 88d5fc1..7837490 100644
--- a/resources/views/pages/verify_failed.php
+++ b/resources/views/pages/verify_failed.php
@@ -1,18 +1,16 @@
 <?php
 // File: verify_failed.php
-// Version: 1.1
-// Path: /resources/views/pages/verify_failed.php
+// Version: 1.2
 // Purpose: Displays failure message and allows resend of verification links.
-// Project: Wizdom Networks Website
 
 use WizdomNetworks\WizeWeb\Core\View;
 
 ob_start();
 ?>
 
-<section class="verify-section section pt-5">
+<section class="verify-section section pt-5" style="padding-top: 7rem;">
   <div class="container text-center">
-    <div class="icon mb-4">
+    <div class="icon mb-4" style="padding-top: 3rem;">
       <i class="bi bi-x-circle text-danger" style="font-size: 4rem;"></i>
     </div>
     <h2 class="mb-3">Verification Failed</h2>
@@ -42,18 +40,17 @@ ob_start();
       </form>
     </div>
 <?php else: ?>
-    <div class="mt-4">
-      <a href="/" class="btn btn-primary">Start a New Submission</a>
-    </div>
+    <div class="mt-4 text-center">
+  <a href="/" class="btn btn-primary">Start a New Submission</a>
+</div>
 <?php endif; ?>
-    </div>
 
-    <div class="mt-4">
-      <a href="/" class="btn btn-outline-primary">Return to Home</a>
-    </div>
+    <div class="mt-4 text-center">
+  <a href="/" class="btn btn-outline-primary">Return to Home</a>
+</div>
   </div>
 </section>
 <?php
 $html = ob_get_clean();
-View::render('layouts/arsha', ['content' => $html]);
+View::render('layouts/arsha', ['content' => $html, 'hideNavbar' => true]);
 ?>
diff --git a/resources/views/pages/verify_success.php b/resources/views/pages/verify_success.php
index b7fbdd6..7a2fced 100644
--- a/resources/views/pages/verify_success.php
+++ b/resources/views/pages/verify_success.php
@@ -8,9 +8,9 @@ use WizdomNetworks\WizeWeb\Core\View;
 ob_start();
 ?>
 
-<section class="verify-section section pt-5">
+<section class="verify-section section pt-5" style="padding-top: 7rem;">
   <div class="container text-center">
-    <div class="icon mb-4">
+    <div class="icon mb-4" style="padding-top: 3rem;">
       <i class="bi bi-check-circle text-success" style="font-size: 4rem;"></i>
     </div>
     <h2 class="mb-3">Email Verified</h2>
@@ -51,12 +51,12 @@ ob_start();
     <?php endif; ?>
 
     <!-- Return Button -->
-    <div class="mt-5">
-      <a href="/" class="btn btn-outline-primary">Return to Home</a>
-    </div>
+    <div class="mt-5 text-center">
+  <a href="/" class="btn btn-outline-primary">Return to Home</a>
+</div>
   </div>
 </section>
 <?php
 $html = ob_get_clean();
-View::render('layouts/arsha', ['content' => $html]);
+View::render('layouts/arsha', ['content' => $html, 'hideNavbar' => true]);
 ?>
\ No newline at end of file