- <?php
- /**
- * Author: Darcey Lloyd
- * Email: Darcey@aftc.io
- */
- namespace AFTC\Framework\Libraries;
- use AFTC\Framework\Libraries\SessionLibrary;
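/**
 * Issues and validates one-time tokens kept in the session (the key names
 * suggest anti-CSRF form tokens - confirm against the callers).
 *
 * Two independent schemes are provided:
 *  - a generic token stored under the session key "token";
 *  - a form token: an HMAC-SHA256 of a form id keyed with a random secret,
 *    stored under "form_token1" (secret) and "form_token2" (HMAC).
 *
 * Each scheme has a single session slot, so issuing a new token replaces the
 * previously issued token of the same kind.
 */
class TokenLibrary
{
    /** @var SessionLibrary $session Session store that persists the issued tokens. */
    private $session;

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    public function __construct()
    {
        $this->session = new SessionLibrary();
    }

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    // Generic one-time token
    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    /**
     * Generate a fresh token, store it in the session and return it.
     *
     * @return string 64 hex characters (32 bytes from the CSPRNG)
     */
    public function setToken()
    {
        $token = bin2hex(random_bytes(32));
        $this->session->set("token", $token);

        return $token;
    }

    /**
     * @return mixed Whatever the session holds under "token"; presumably null
     *               when nothing was issued - depends on SessionLibrary::get().
     */
    public function getToken()
    {
        return $this->session->get("token");
    }

    /**
     * Remove the stored token.
     *
     * @return mixed The result of SessionLibrary::delete().
     */
    public function deleteToken()
    {
        return $this->session->delete("token");
    }

    /**
     * Check a submitted token against the stored one. The stored token is
     * consumed by every call, whether or not the comparison succeeds.
     *
     * @param mixed $response_token Token received with the request (untrusted)
     * @return bool True only when both values are strings and are equal
     */
    public function validateToken($response_token)
    {
        $token = $this->getToken();
        // Consume before comparing so a token can be presented only once.
        $this->deleteToken();

        // hash_equals() raises a TypeError on non-strings (PHP 8): that is the
        // case when no token was issued or the request carried an array/null.
        // An empty stored value must never match an empty submission either.
        if (!is_string($token) || $token === '' || !is_string($response_token)) {
            return false;
        }

        return hash_equals($token, $response_token);
    }

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    // Form-bound token
    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

    /**
     * Issue a token bound to a form id.
     *
     * A random secret is stored as "form_token1"; the HMAC-SHA256 of $id under
     * that secret is stored as "form_token2" and returned for embedding in the
     * form.
     *
     * @param string $id Form identifier
     * @return string 64 hex characters
     */
    public function setTokenByFormId($id)
    {
        $form_token1 = bin2hex(random_bytes(32));
        $this->session->set("form_token1", $form_token1);

        $form_token2 = hash_hmac('sha256', $id, $form_token1);
        $this->session->set("form_token2", $form_token2);

        return $form_token2;
    }

    /**
     * @return array Two elements: [secret ("form_token1"), HMAC ("form_token2")]
     */
    public function getFormTokens()
    {
        return [
            $this->session->get("form_token1"),
            $this->session->get("form_token2")
        ];
    }

    /**
     * Remove both stored form-token values.
     */
    public function deleteFormTokens()
    {
        $this->session->delete("form_token1");
        $this->session->delete("form_token2");
    }

    /**
     * Validate a submitted form token.
     *
     * Two conditions must hold: the HMAC rebuilt from $id matches the stored
     * one (the token was issued for this form), and the submitted $token equals
     * the stored one. The previous code returned straight after the first
     * check, so the submitted token was never compared and the stored tokens
     * were never deleted; any value was accepted for the right form id.
     *
     * Once the form id matches, the stored tokens are consumed, so a wrong
     * token for the right form also invalidates the issued one.
     *
     * @param string $id    Form identifier the token should be bound to
     * @param mixed  $token Token received with the request (untrusted)
     * @return bool
     */
    public function validateFormToken($id, $token)
    {
        $tokens = $this->getFormTokens();

        // Nothing issued, or the session holds something unexpected.
        if (!is_string($tokens[0]) || $tokens[0] === ''
            || !is_string($tokens[1]) || $tokens[1] === '') {
            return false;
        }

        // Request parameters can arrive as arrays (id[]=..., token[]=...);
        // hash_hmac()/hash_equals() would raise a TypeError on those.
        if (is_array($id) || !is_string($token)) {
            return false;
        }

        // Validate a rebuild of the hmac: was the token issued for this form id?
        $re_build = hash_hmac('sha256', $id, $tokens[0]);
        if (!hash_equals($tokens[1], $re_build)) {
            return false;
        }

        // Single use: drop the stored values before the final comparison.
        $this->deleteFormTokens();

        // Known value first, user-supplied value second.
        return hash_equals($tokens[1], $token);
    }

    // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
}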