Move generate_token() to Helper namespace
This commit is contained in:
Frederic Guillot
parent
55e4ab882c
commit
8ac08649e8
|
|
@ -3,6 +3,20 @@
|
|||
namespace Helper;
|
||||
|
||||
|
||||
function generate_token()
|
||||
{
|
||||
if (function_exists('random_bytes')) {
|
||||
return bin2hex(random_bytes(30));
|
||||
} elseif (function_exists('openssl_random_pseudo_bytes')) {
|
||||
return bin2hex(openssl_random_pseudo_bytes(30));
|
||||
} elseif (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
|
||||
return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30));
|
||||
}
|
||||
|
||||
return hash('sha256', uniqid(mt_rand(), true));
|
||||
}
|
||||
|
||||
|
||||
function is_secure_connection()
|
||||
{
|
||||
return ! empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
namespace Model\Config;
|
||||
|
||||
use Helper;
|
||||
use Translator;
|
||||
use DirectoryIterator;
|
||||
use SimpleValidator\Validator;
|
||||
|
|
@ -214,7 +215,7 @@ function generate_csrf()
|
|||
$_SESSION['csrf'] = array();
|
||||
}
|
||||
|
||||
$token = generate_token();
|
||||
$token = Helper\generate_token();
|
||||
$_SESSION['csrf'][$token] = true;
|
||||
|
||||
return $token;
|
||||
|
|
@ -242,28 +243,15 @@ function check_csrf($token)
|
|||
return false;
|
||||
}
|
||||
|
||||
// Generate a token from /dev/urandom or with uniqid() if open_basedir is enabled
|
||||
function generate_token()
|
||||
{
|
||||
if (function_exists('random_bytes')) {
|
||||
return bin2hex(random_bytes(30));
|
||||
} elseif (function_exists('openssl_random_pseudo_bytes')) {
|
||||
return bin2hex(openssl_random_pseudo_bytes(30));
|
||||
} elseif (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
|
||||
return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30));
|
||||
}
|
||||
|
||||
return hash('sha256', uniqid(mt_rand(), true));
|
||||
}
|
||||
|
||||
// Regenerate tokens for the API and bookmark feed
|
||||
function new_tokens()
|
||||
{
|
||||
$values = array(
|
||||
'api_token' => generate_token(),
|
||||
'feed_token' => generate_token(),
|
||||
'bookmarklet_token' => generate_token(),
|
||||
'fever_token' => substr(generate_token(), 0, 8),
|
||||
'api_token' => Helper\generate_token(),
|
||||
'feed_token' => Helper\generate_token(),
|
||||
'bookmarklet_token' => Helper\generate_token(),
|
||||
'fever_token' => substr(Helper\generate_token(), 0, 8),
|
||||
);
|
||||
|
||||
return Database::getInstance('db')->hashtable('settings')->put($values);
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
namespace Model\RememberMe;
|
||||
|
||||
use Helper;
|
||||
use PicoDb\Database;
|
||||
use Model\Config;
|
||||
use Model\Database as DatabaseModel;
|
||||
|
|
@ -130,8 +131,8 @@ function destroy()
|
|||
*/
|
||||
function create($dbname, $username, $ip, $user_agent)
|
||||
{
|
||||
$token = hash('sha256', $dbname.$username.$user_agent.$ip.Config\generate_token());
|
||||
$sequence = Config\generate_token();
|
||||
$token = hash('sha256', $dbname.$username.$user_agent.$ip.Helper\generate_token());
|
||||
$sequence = Helper\generate_token();
|
||||
$expiration = time() + EXPIRATION;
|
||||
|
||||
cleanup();
|
||||
|
|
@ -178,7 +179,7 @@ function cleanup()
|
|||
*/
|
||||
function update($token)
|
||||
{
|
||||
$new_sequence = Config\generate_token();
|
||||
$new_sequence = Helper\generate_token();
|
||||
|
||||
Database::getInstance('db')
|
||||
->table(TABLE)
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
namespace Schema;
|
||||
|
||||
use PDO;
|
||||
use Helper;
|
||||
use Model\Config;
|
||||
|
||||
const VERSION = 44;
|
||||
|
|
@ -180,7 +181,7 @@ function version_30(PDO $pdo)
|
|||
|
||||
function version_29(PDO $pdo)
|
||||
{
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN fever_token INTEGER DEFAULT "'.substr(Config\generate_token(), 0, 8).'"');
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN fever_token INTEGER DEFAULT "'.substr(Helper\generate_token(), 0, 8).'"');
|
||||
}
|
||||
|
||||
function version_28(PDO $pdo)
|
||||
|
|
@ -195,7 +196,7 @@ function version_27(PDO $pdo)
|
|||
|
||||
function version_26(PDO $pdo)
|
||||
{
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN bookmarklet_token TEXT DEFAULT "'.Config\generate_token().'"');
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN bookmarklet_token TEXT DEFAULT "'.Helper\generate_token().'"');
|
||||
}
|
||||
|
||||
function version_25(PDO $pdo)
|
||||
|
|
@ -276,7 +277,7 @@ function version_15(PDO $pdo)
|
|||
|
||||
function version_14(PDO $pdo)
|
||||
{
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN feed_token TEXT DEFAULT "'.Config\generate_token().'"');
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN feed_token TEXT DEFAULT "'.Helper\generate_token().'"');
|
||||
}
|
||||
|
||||
function version_13(PDO $pdo)
|
||||
|
|
@ -286,7 +287,7 @@ function version_13(PDO $pdo)
|
|||
|
||||
function version_12(PDO $pdo)
|
||||
{
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN api_token TEXT DEFAULT "'.Config\generate_token().'"');
|
||||
$pdo->exec('ALTER TABLE config ADD COLUMN api_token TEXT DEFAULT "'.Helper\generate_token().'"');
|
||||
}
|
||||
|
||||
function version_11(PDO $pdo)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,11 @@
|
|||
<?php
|
||||
|
||||
class HelperTest extends PHPUnit_Framework_TestCase
|
||||
{
|
||||
public function testGenerateToken()
|
||||
{
|
||||
$token1 = Helper\generate_token();
|
||||
$token2 = Helper\generate_token();
|
||||
$this->assertNotEquals($token1, $token2);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue