* $login = $this->request->getPost('login'); * $password = $this->request->getPost('password'); * * $user = Users::findFirstByLogin($login); * if ($user) { * if ($this->security->checkHash($password, $user->password)) { * //The password is valid * } * } * */ class Security implements \Phalcon\DI\InjectionAwareInterface { protected $_dependencyInjector; protected $_workFactor; protected $_numberBytes; protected $_csrf; /** * Sets the dependency injector * * @param \Phalcon\DiInterface $dependencyInjector */ public function setDI($dependencyInjector){ } /** * Returns the internal dependency injector * * @return \Phalcon\DiInterface */ public function getDI(){ } /** * Sets a number of bytes to be generated by the openssl pseudo random generator * * @param string $randomBytes */ public function setRandomBytes($randomBytes){ } /** * Returns a number of bytes to be generated by the openssl pseudo random generator * * @return string */ public function getRandomBytes(){ } /** * Sets the default working factor for bcrypts password's salts * * @param int $workFactor */ public function setWorkFactor($workFactor){ } /** * Returns the default working factor for bcrypts password's salts * * @return int */ public function getWorkFactor(){ } /** * Generate a >22-length pseudo random string to be used as salt for passwords * * @return string */ public function getSaltBytes(){ } /** * Creates a password hash using bcrypt with a pseudo random salt * * @param string $password * @param int $workFactor * @return string */ public function hash($password, $workFactor=null){ } /** * Checks a plain text password and its hash version to check if the password matches * * @param string $password * @param string $passwordHash * @param int $maxPasswordLength * @return boolean */ public function checkHash($password, $passwordHash, $maxPasswordLength=null){ } /** * Checks if a password hash is a valid bcrypt's hash * * @param string $password * @param string $passwordHash * @return boolean */ public function isLegacyHash($passwordHash){ } /** * Generates a pseudo random token key to be used as input's name in a CSRF check * * @param int $numberBytes * @return string */ public function getTokenKey($numberBytes=null){ } /** * Generates a pseudo random token value to be used as input's value in a CSRF check * * @param int $numberBytes * @return string */ public function getToken($numberBytes=null){ } /** * Check if the CSRF token sent in the request is the same that the current in session * * @param string $tokenKey * @param string $tokenValue * @return boolean */ public function checkToken($tokenKey=null, $tokenValue=null){ } /** * Returns the value of the CSRF token in session * * @return string */ public function getSessionToken(){ } } }