pforret / digestif
This is my package digestif
Fund package maintenance!
pforret
Requires
- php: ^8.1
Requires (Dev)
- laravel/pint: ^1.2
- phpunit/phpunit: ^9.5
README
Package to create a digest of a string/array, to be used in creating unique unguessable URLs/folder names.
Installation
You can install the package via composer:
composer require pforret/digestif
Usage
use Pforret\Digestif\Digestif; $dig = new Digestif(env("DIGEST_SEED")); // seed value should be unique for that server/application. // It's important that it is not known to the outside world. // It should be the same for the application creating the Digest as the one reading/verifying it $url = "https://secure.example.com/invoice/1200323"; // if you make your URL like this, the URL for the other invoices can be guessed (e.g. 1200324, etc) $digest = $dig->fromString($url); $secure_url = "$url/$digest"; // URL = https://secure.example.com/invoice/1200323/0a1b-2c3d // using a route /invoice/{id}/{digest} will allow you to verify the digest // the URL of the next invoice 1200324 cannot be guessed without knowing the seed value // or use this $secure_url = "$url?$digest"; //URL = https://secure.example.com/invoice/1200323?0a1b-2c3d // and then verify the digest before showing the actual invoice if(!$dig->compareDigest($dig->fromString($url), $digest)){ return false; } // 0a1b-2c3d will be ok, as 0a1b2c3d (without dash)
## Testing
```bash
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.