
Untitled

a guest
Aug 10th, 2018
  1. <?php
  2. /**
  3. * Author: Darcey Lloyd
  4. * Email: Darcey@aftc.io
  5. */
  6.  
  7. namespace AFTC\Framework\Libraries;
  8.  
  9.  
  10. use AFTC\Framework\Libraries\SessionLibrary;
  11.  
  12. class TokenLibrary
  13. {
  14. /** @var SessionLibrary $session */
  15. private $session;
  16. // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  17.  
  18.  
  19. public function __construct()
  20. {
  21. $this->session = new SessionLibrary();
  22. }
  23. // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  24.  
  25.  
  26. // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  27. public function setToken(){
  28. $token = bin2hex(random_bytes(32));
  29. $this->session->set("token",$token);
  30. return $token;
  31. }
  32.  
  33. public function getToken(){
  34. return $this->session->get("token");
  35. }
  36.  
  37. public function deleteToken(){
  38. return $this->session->delete("token");
  39. }
  40.  
  41. public function validateToken($response_token){
  42. $token = $this->getToken();
  43. $this->deleteToken();
  44. if (hash_equals($token, $response_token)){
  45. return true;
  46. } else {
  47. return false;
  48. }
  49. }
  50. // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  51.  
  52.  
  53.  
  54. // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  55. public function setTokenByFormId($id){
  56. $form_token1 = bin2hex(random_bytes(32));
  57. $this->session->set("form_token1",$form_token1);
  58.  
  59. $form_token2 = hash_hmac('sha256', $id, $form_token1);
  60. $this->session->set("form_token2",$form_token2);
  61. return $form_token2;
  62. }
  63.  
  64. public function getFormTokens(){
  65. return [
  66. $this->session->get("form_token1"),
  67. $this->session->get("form_token2")
  68. ];
  69. }
  70.  
  71. public function deleteFormTokens(){
  72. $this->session->delete("form_token1");
  73. $this->session->delete("form_token2");
  74. }
  75.  
  76. public function validateFormToken($id,$token){
  77. $tokens = $this->getFormTokens();
  78.  
  79. if ($tokens[0] === null || $tokens[1] === null){
  80. return false;
  81. }
  82.  
  83. // Validate a rebuild of hmac
  84. $re_build = hash_hmac('sha256', $id, $tokens[0]);
  85. if (hash_equals($tokens[1],$re_build)){
  86. return true;
  87. } else {
  88. return false;
  89. }
  90.  
  91. $this->deleteFormTokens();
  92.  
  93. if (hash_equals($token, $tokens[1])){
  94. return true;
  95. } else {
  96. return false;
  97. }
  98. }
  99. // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  100.  
  101.  
  102.  
  103. }