
@AlitaTeal
Created January 1, 2015 02:13
<?php
namespace MyApp\CoreOverrides;
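/**
 * Session-backed CSRF token helper.
 *
 * Keeps a random token and the name of the form field that carries it in the
 * shared "session" service, and compares the value submitted through the
 * shared "request" service against the stored token.
 */
class SecurityToken
{
    /** @var \Phalcon\DI Dependency injector the services are resolved from. */
    private $_di;

    /** @var object Shared "session" service; holds csrfToken and csrfTokenKey. */
    private $_session;

    /** @var object Shared "request" service; source of the submitted token. */
    private $_request;

    /** @var int Number of random bytes drawn for each token (before hex encoding). */
    private $_byteLength = 32;

    /**
     * Resolve the shared session and request services from the injector.
     *
     * @param \Phalcon\DI $di
     */
    public function __construct (\Phalcon\DI $di)
    {
        $this->_di = $di;
        $this->_session = $this->_di->getShared('session');
        $this->_request = $this->_di->getShared('request');
    }

    /**
     * Tell whether both the token and its field name are present in the session.
     *
     * @return bool
     */
    public function isAlreadyGenerated()
    {
        return (!empty($this->_session->csrfToken) && !empty($this->_session->csrfTokenKey));
    }

    /**
     * Replace the session's token and field name with fresh values.
     *
     * @throws \Phalcon\Exception When no cryptographically strong bytes are available.
     */
    public function generateKeyValuePair ()
    {
        $this->_session->csrfToken = $this->_newToken();
        // uniqid() is time-based and guessable; it only names the form field.
        // The secret is the token value, never the key.
        $this->_session->csrfTokenKey = uniqid();
    }

    /**
     * Return the session's token, creating one on first use.
     *
     * @return string
     * @throws \Phalcon\Exception When no cryptographically strong bytes are available.
     */
    public function getToken () {
        if ($this->_session->get('csrfToken', null, False))
        {
            return $this->_session->csrfToken;
        }
        // The original called openssl_random_pseudo_bytes() without a length,
        // which cannot produce a token; use the configured byte length.
        return $this->_session->csrfToken = $this->_newToken();
    }

    /**
     * Return the form field name the token is submitted under, creating one on first use.
     *
     * @return string
     */
    public function getTokenKey () {
        if ($this->_session->get('csrfTokenKey', null, False))
        {
            return $this->_session->csrfTokenKey;
        }
        return $this->_session->csrfTokenKey = uniqid();
    }

    /**
     * Compare the submitted token with the one stored in the session.
     *
     * Fails closed: a session without a token or key, or a submitted value
     * that is not a string, never validates.
     *
     * @return bool True only when the submitted token equals the session token.
     * @throws \Phalcon\Exception When the request carries no token under the session's key.
     */
    public function checkToken () {
        $sessionToken = $this->_session->csrfToken;
        $sessionKey = $this->_session->csrfTokenKey;

        // Without a stored pair there is nothing to validate against. Looking
        // up an empty key must not be allowed to match anything in the request.
        if (!is_string($sessionToken) || $sessionToken === ''
            || !is_string($sessionKey) || $sessionKey === '')
        {
            return false;
        }

        $formToken = $this->_request->get($sessionKey, null, False);
        if (False == $formToken)
        {
            throw new \Phalcon\Exception('CSRF Token Not Found');
        }

        // A request parameter can arrive as an array (field[]=...); only a
        // string can be a token.
        if (!is_string($formToken))
        {
            return false;
        }

        // hash_equals() (PHP >= 5.6) compares in constant time; strcmp() returns
        // at the first differing byte, so its timing depends on the secret.
        return hash_equals($sessionToken, $formToken);
    }

    /**
     * @throws \Phalcon\Exception Always; not implemented.
     */
    public function getByteLength () {
        throw new \Phalcon\Exception('Not Yet Implemented');
    }

    /**
     * @throws \Phalcon\Exception Always; not implemented.
     */
    public function setByteLength () {
        throw new \Phalcon\Exception('Not Yet Implemented');
    }

    /**
     * Draw $_byteLength random bytes and hex-encode them.
     *
     * Hex encoding keeps the token intact in an HTML form field and on the way
     * back through the request; raw bytes do not survive that round trip reliably.
     *
     * @return string
     * @throws \Phalcon\Exception When OpenSSL cannot supply cryptographically strong bytes.
     */
    private function _newToken ()
    {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes($this->_byteLength, $strong);
        if ($bytes === false || !$strong)
        {
            throw new \Phalcon\Exception('Unable to generate a secure CSRF token');
        }
        return bin2hex($bytes);
    }
}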