HmacTokenProvider
in package
implements
TokenProviderInterface
Uses
BadExpireTrait
CSRF HMAC based Token pattern provider.
It uses hash_hmac with sha3-384 algorithm and doesn't need storage to work.
Interfaces, Classes, Traits and Enums
- TokenProviderInterface
- Token provider interface.
Table of Contents
- __construct() : mixed
- Class constructor.
- getToken() : string
- Return new Hmac Token.
- validate() : bool
- Validate Hmac Token.
Methods
__construct()
Class constructor.
public
__construct(string $value, string $key[, int $expire = 600 ]) : mixed
Parameters
- $value : string
-
Value will be hashed inside token.
- $key : string
-
Secret key for the hmac.
- $expire : int = 600
-
Token validity in seconds, default 600 -> 10 minutes.
Tags
Return values
mixed —getToken()
Return new Hmac Token.
public
getToken() : string
Return values
string —The token in hex format.
validate()
Validate Hmac Token.
public
validate(string $token) : bool
Parameters
- $token : string
-
Token must be validated.
Return values
bool —True if the token is valid, false otherwise.