coercive/token

Coercive Token time based Security

Maintainers

Details

github.com/Coercive/Token

Homepage

Source

Issues

Installs: 1 625

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 3

Forks: 0

Open Issues: 0

1.2.3 2021-06-15 23:21 UTC

Requires

  • php: >=7.0

MIT 757db9f08ba3f43d83dd5f9bdf3a983943bcab70

This package is auto-updated.

Last update: 2024-04-16 05:21:39 UTC

README

Token allows you to calculate a valid token for the current time and the time before or after. This token is based on the session code, a salt, and time server.

Get

composer require coercive/token

Usage

<?php
use Coercive\Security\Token\Token;

# REQUIRED : if not, Token throws you an exception
session_start();

# INIT
$Token = new Token(128, 'mySalt0123');

// The first parameter is the length of the random string used in the token
// The second parameter is the custom salt used in the token
// The thirth parameter allow you to specify where the token datas will be store
// The thourth parameter allow you to specify a name for the default global token (if noname)

# CREATE a token
$myKey = $Token->create('example');

# SEND this token with a form (for example)
# and test like this
if( $Token->check( $myKey , 'example' ) ) {
    echo 'Good token !';
    $Token->delete('example');
} else {
    die('Wrong token detected');
}

For form load by AJAX or other complex detection

<?php

$Token->check( $myKey , 'example', 'http://www.my-custom-referer');

# OR

$Token->check( $myKey , 'example', [
    'http://www.my-custom-referer-1',
    'http://www.my-custom-referer-2',
    'http://www.my-custom-referer-3'
]);

Get token for others usages

<?php

# A basic random string
Token::rand(256);

# A uniq id based on session, salt, random string...
$Token->uniqId();

# A basic (unsafe) token based on datetime
$Token->timer();

# You can use a crypt for customise the timer token
$crypt = 1234567890;
$Token->timer(crypt);