mirror of
https://github.com/skipperbent/simple-php-router.git
synced 2026-07-10 22:12:13 +00:00
ed1ac74e7a
- Fixed updatae causing middlewares to sometimes load on wrong routes. - Converted project to PSR/2. - Updated InputCollection class and added get method for easy access to values. - Complete refactor of RouterBase. - Added findRoute method to RouterBase. - It's now possible to change parameter modifiers and symbol by overwriting properties on RouterBase. - Added RouterUrlTest unit-test for testing route-urls. - Added IRestController that can be easily implemented in custom ResourceController-classes. - It's now possible to use "-" instead of "_" when using getHeader method in Request class. - Added PHPDocs. - Fixed "/" route sometimes returning "//" as url. - Optimisations and bugfixes.
68 lines
1.1 KiB
PHP
68 lines
1.1 KiB
PHP
<?php
|
|
namespace Pecee;
|
|
|
|
class CsrfToken
|
|
{
|
|
const CSRF_KEY = 'XSRF-TOKEN';
|
|
|
|
protected $token;
|
|
|
|
/**
|
|
* Generate random identifier for CSRF token
|
|
*
|
|
* @return string
|
|
*/
|
|
public static function generateToken()
|
|
{
|
|
if (function_exists('mcrypt_create_iv')) {
|
|
return bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
|
|
}
|
|
return bin2hex(openssl_random_pseudo_bytes(32));
|
|
}
|
|
|
|
/**
|
|
* Validate valid CSRF token
|
|
*
|
|
* @param string $token
|
|
* @return bool
|
|
*/
|
|
public function validate($token)
|
|
{
|
|
if ($token !== null && $this->getToken() !== null) {
|
|
return hash_equals($token, $this->getToken());
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Set csrf token cookie
|
|
*
|
|
* @param $token
|
|
*/
|
|
public function setToken($token)
|
|
{
|
|
setcookie(static::CSRF_KEY, $token, time() + 60 * 120, '/');
|
|
}
|
|
|
|
/**
|
|
* Get csrf token
|
|
* @return string|null
|
|
*/
|
|
public function getToken()
|
|
{
|
|
if ($this->hasToken()) {
|
|
return $_COOKIE[static::CSRF_KEY];
|
|
}
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* Returns whether the csrf token has been defined
|
|
* @return bool
|
|
*/
|
|
public function hasToken()
|
|
{
|
|
return isset($_COOKIE[static::CSRF_KEY]);
|
|
}
|
|
|
|
} |