Security.php
3.18 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
<?php
namespace Phalcon {
/**
* Phalcon\Security
*
* This component provides a set of functions to improve the security in Phalcon applications
*
*<code>
* $login = $this->request->getPost('login');
* $password = $this->request->getPost('password');
*
* $user = Users::findFirstByLogin($login);
* if ($user) {
* if ($this->security->checkHash($password, $user->password)) {
* //The password is valid
* }
* }
*</code>
*/
class Security implements \Phalcon\DI\InjectionAwareInterface {
protected $_dependencyInjector;
protected $_workFactor;
protected $_numberBytes;
protected $_csrf;
/**
* Sets the dependency injector
*
* @param \Phalcon\DiInterface $dependencyInjector
*/
public function setDI($dependencyInjector){ }
/**
* Returns the internal dependency injector
*
* @return \Phalcon\DiInterface
*/
public function getDI(){ }
/**
* Sets a number of bytes to be generated by the openssl pseudo random generator
*
* @param string $randomBytes
*/
public function setRandomBytes($randomBytes){ }
/**
* Returns a number of bytes to be generated by the openssl pseudo random generator
*
* @return string
*/
public function getRandomBytes(){ }
/**
* Sets the default working factor for bcrypts password's salts
*
* @param int $workFactor
*/
public function setWorkFactor($workFactor){ }
/**
* Returns the default working factor for bcrypts password's salts
*
* @return int
*/
public function getWorkFactor(){ }
/**
* Generate a >22-length pseudo random string to be used as salt for passwords
*
* @return string
*/
public function getSaltBytes(){ }
/**
* Creates a password hash using bcrypt with a pseudo random salt
*
* @param string $password
* @param int $workFactor
* @return string
*/
public function hash($password, $workFactor=null){ }
/**
* Checks a plain text password and its hash version to check if the password matches
*
* @param string $password
* @param string $passwordHash
* @param int $maxPasswordLength
* @return boolean
*/
public function checkHash($password, $passwordHash, $maxPasswordLength=null){ }
/**
* Checks if a password hash is a valid bcrypt's hash
*
* @param string $password
* @param string $passwordHash
* @return boolean
*/
public function isLegacyHash($passwordHash){ }
/**
* Generates a pseudo random token key to be used as input's name in a CSRF check
*
* @param int $numberBytes
* @return string
*/
public function getTokenKey($numberBytes=null){ }
/**
* Generates a pseudo random token value to be used as input's value in a CSRF check
*
* @param int $numberBytes
* @return string
*/
public function getToken($numberBytes=null){ }
/**
* Check if the CSRF token sent in the request is the same that the current in session
*
* @param string $tokenKey
* @param string $tokenValue
* @return boolean
*/
public function checkToken($tokenKey=null, $tokenValue=null){ }
/**
* Returns the value of the CSRF token in session
*
* @return string
*/
public function getSessionToken(){ }
}
}