geckon01/simple-php-router
1
0
Fork 0
mirror of https://github.com/skipperbent/simple-php-router.git synced 2026-06-17 00:37:52 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d6bdcbe70c906b28d6c4e14d3ce8f795aca0a220
simple-php-router/src/Pecee/CsrfToken.php
T
Simon Sessingø 1ba05b923c [FEATURE] Csrf token 
- Added functionality to CsrfToken class.
- Added header support to Request class.
- Added option to set BaseCsrfVerifier class in RouterBase and
  SimpleRouter.
2015-10-21 18:12:53 +02:00

60 lines
1.3 KiB
PHP
Raw Blame History

<?php
namespace Pecee;
class CsrfToken {
const CSRF_KEY = 'XSRF-TOKEN';
protected $token;
public function __construct() {
if($this->getToken() === null) {
$this->setToken($this->generateToken());
}
}
/**
* Generate random identifier for CSRF token
* @return string
*/
public static function generateToken() {
if (function_exists('mcrypt_create_iv')) {
return bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
}
return bin2hex(openssl_random_pseudo_bytes(32));
}
/**
* Validate valid CSRF token
*
* @param string $token
* @return bool
*/
public function validate($token) {
if($token !== null && $this->getToken() !== null) {
return hash_equals($token, $this->getToken());
}
return false;
}
/**
* Set csrf token cookie
*
* @param $token
*/
public function setToken($token) {
setcookie(self::CSRF_KEY, $token, time() + 60 * 120, '/');
}
/**
* Get csrf token
* @return string|null
*/
public function getToken(){
if(isset($_COOKIE[self::CSRF_KEY])) {
return $_COOKIE[self::CSRF_KEY];
}
return null;
}
}
Reference in New Issue View Git Blame Copy Permalink