Buffalo Eats Online API Documentation

ApiKey extends Model
in package

Model for API key management.

Handles creation, validation, and lifecycle of API bearer tokens used for REST API authentication. Keys are stored as SHA-256 hashes with an 8-character prefix for identification.

Tags
author

J.J. Johnson visionquest716@gmail.com

copyright

2026 VisionQuestServices LLC

Table of Contents

Constants

SCOPES  = ['orders:read', 'orders:write', 'menu:read', 'menu:write', 'customers:read', 'reservations:read', 'reservations:write', 'business:read', 'analytics:read']

Properties

$db  : PDO
$fillable  : array<string|int, mixed>
$primaryKey  : string
$table  : string

Methods

__construct()  : mixed
Initialize model with database connection.
all()  : array<string|int, mixed>
Get all records from the table.
count()  : int
Count records matching optional conditions.
countForBusiness()  : int
Count active API keys for a business.
create()  : int
Create a new record.
delete()  : bool
Delete a record by primary key.
find()  : array<string|int, mixed>|null
Find a record by primary key.
findBy()  : array<string|int, mixed>|null
Find a record by a specific field value.
findByKey()  : array<string|int, mixed>|null
Find an API key record by its hashed token value.
generateKey()  : array{plaintext: string, hash: string, prefix: string}
Generate a new API key pair (plaintext + hashed).
getDb()  : PDO
Get the underlying PDO connection.
getForBusiness()  : array<string|int, mixed>
Get all API keys for a business.
getForBusinessById()  : array<string|int, mixed>|null
Get a key ensuring it belongs to the given business.
paginate()  : array<string|int, mixed>
Paginate records matching conditions.
query()  : PDOStatement
Execute a raw SQL query with parameter binding.
touch()  : void
Update the last_used_at timestamp for a key.
update()  : bool
Update a record by primary key.
validate()  : array{valid: bool, error: string|null}
Validate an API key is active, not expired, and has the required scope.
where()  : array<string|int, mixed>
Find records matching conditions.
filterFillable()  : array<string|int, mixed>
Filter data to only include fillable fields.

Constants

SCOPES

public array<string|int, string> SCOPES = ['orders:read', 'orders:write', 'menu:read', 'menu:write', 'customers:read', 'reservations:read', 'reservations:write', 'business:read', 'analytics:read']

All available API scopes

Properties

$db

protected PDO $db

Database connection

$fillable

protected array<string|int, mixed> $fillable = ['business_id', 'name', 'api_key', 'api_key_prefix', 'scopes', 'rate_limit', 'is_active', 'last_used_at', 'expires_at']

Mass-assignable fields

$primaryKey

protected string $primaryKey = 'id'

Primary key column

$table

protected string $table = 'api_keys'

Database table name

Methods

__construct()

Initialize model with database connection.

public __construct() : mixed

all()

Get all records from the table.

public all([string $orderBy = 'id' ][, string $direction = 'ASC' ]) : array<string|int, mixed>
Parameters
$orderBy : string = 'id'

Column to order by

$direction : string = 'ASC'

Sort direction (ASC or DESC)

Return values
array<string|int, mixed>

count()

Count records matching optional conditions.

public count([array<string|int, mixed> $conditions = [] ]) : int
Parameters
$conditions : array<string|int, mixed> = []

Associative array of field => value pairs

Return values
int

countForBusiness()

Count active API keys for a business.

public countForBusiness(int $businessId) : int
Parameters
$businessId : int

Business ID

Return values
int

create()

Create a new record.

public create(array<string|int, mixed> $data) : int
Parameters
$data : array<string|int, mixed>

Associative array of field => value pairs

Return values
int

The ID of the newly created record

delete()

Delete a record by primary key.

public delete(int $id) : bool
Parameters
$id : int

Primary key value

Return values
bool

find()

Find a record by primary key.

public find(int $id) : array<string|int, mixed>|null
Parameters
$id : int

Primary key value

Return values
array<string|int, mixed>|null

findBy()

Find a record by a specific field value.

public findBy(string $field, mixed $value) : array<string|int, mixed>|null
Parameters
$field : string

Column name

$value : mixed

Value to match

Return values
array<string|int, mixed>|null

findByKey()

Find an API key record by its hashed token value.

public findByKey(string $plaintextKey) : array<string|int, mixed>|null
Parameters
$plaintextKey : string

The plaintext bearer token

Return values
array<string|int, mixed>|null

generateKey()

Generate a new API key pair (plaintext + hashed).

public static generateKey() : array{plaintext: string, hash: string, prefix: string}

Returns an array with 'plaintext' (shown once to client) and 'hash' (stored in DB). The plaintext key is prefixed with 'beo_' for easy identification.

Return values
array{plaintext: string, hash: string, prefix: string}

getDb()

Get the underlying PDO connection.

public getDb() : PDO
Return values
PDO

getForBusiness()

Get all API keys for a business.

public getForBusiness(int $businessId) : array<string|int, mixed>
Parameters
$businessId : int

Business ID

Return values
array<string|int, mixed>

getForBusinessById()

Get a key ensuring it belongs to the given business.

public getForBusinessById(int $id, int $businessId) : array<string|int, mixed>|null
Parameters
$id : int

Key ID

$businessId : int

Business ID

Return values
array<string|int, mixed>|null

paginate()

Paginate records matching conditions.

public paginate(array<string|int, mixed> $conditions, int $page, int $perPage[, string $orderBy = 'id' ][, string $direction = 'ASC' ]) : array<string|int, mixed>
Parameters
$conditions : array<string|int, mixed>

Associative array of field => value pairs

$page : int

Current page number (1-based)

$perPage : int

Records per page

$orderBy : string = 'id'

Column to order by

$direction : string = 'ASC'

Sort direction (ASC or DESC)

Return values
array<string|int, mixed>

Pagination result with data, total, page, per_page, total_pages

query()

Execute a raw SQL query with parameter binding.

public query(string $sql[, array<string|int, mixed> $params = [] ]) : PDOStatement
Parameters
$sql : string

SQL query string

$params : array<string|int, mixed> = []

Bound parameters

Return values
PDOStatement

touch()

Update the last_used_at timestamp for a key.

public touch(int $id) : void
Parameters
$id : int

API key ID

update()

Update a record by primary key.

public update(int $id, array<string|int, mixed> $data) : bool
Parameters
$id : int

Primary key value

$data : array<string|int, mixed>

Associative array of field => value pairs

Return values
bool

validate()

Validate an API key is active, not expired, and has the required scope.

public validate(array<string|int, mixed> $keyRecord[, string|null $scope = null ]) : array{valid: bool, error: string|null}
Parameters
$keyRecord : array<string|int, mixed>

The API key record from findByKey()

$scope : string|null = null

Required scope (e.g., 'orders:read')

Return values
array{valid: bool, error: string|null}

where()

Find records matching conditions.

public where(array<string|int, mixed> $conditions[, string $orderBy = 'id' ][, string $direction = 'ASC' ]) : array<string|int, mixed>
Parameters
$conditions : array<string|int, mixed>

Associative array of field => value pairs

$orderBy : string = 'id'

Column to order by

$direction : string = 'ASC'

Sort direction

Return values
array<string|int, mixed>

filterFillable()

Filter data to only include fillable fields.

protected filterFillable(array<string|int, mixed> $data) : array<string|int, mixed>
Parameters
$data : array<string|int, mixed>

Input data

Return values
array<string|int, mixed>

Filtered data


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results