Finished token validation
parent
9882e84aa6
commit
9cc8d03376
5 changed files with 40 additions and 40 deletions
|
@ -88,7 +88,6 @@ class Mailer
|
|||
//prepare unique user token
|
||||
$token = TokenModel::spawn();
|
||||
$token->setUser($user);
|
||||
$token->setText(TokenModel::forgeUnusedToken());
|
||||
$token->setUsed(false);
|
||||
$token->setExpirationTime(null);
|
||||
TokenModel::save($token);
|
||||
|
|
|
@ -4,19 +4,19 @@ use \Chibi\Database as Database;
|
|||
|
||||
final class PostEntity extends AbstractEntity implements IValidatable
|
||||
{
|
||||
protected $type;
|
||||
protected $name;
|
||||
protected $origName;
|
||||
protected $fileHash;
|
||||
protected $fileSize;
|
||||
protected $mimeType;
|
||||
protected $safety;
|
||||
protected $hidden;
|
||||
protected $uploadDate;
|
||||
protected $imageWidth;
|
||||
protected $imageHeight;
|
||||
protected $uploaderId;
|
||||
protected $source;
|
||||
private $type;
|
||||
private $name;
|
||||
private $origName;
|
||||
private $fileHash;
|
||||
private $fileSize;
|
||||
private $mimeType;
|
||||
private $safety;
|
||||
private $hidden;
|
||||
private $uploadDate;
|
||||
private $imageWidth;
|
||||
private $imageHeight;
|
||||
private $uploaderId;
|
||||
private $source;
|
||||
|
||||
public function fillNew()
|
||||
{
|
||||
|
|
|
@ -8,6 +8,18 @@ final class TokenEntity extends AbstractEntity implements IValidatable
|
|||
|
||||
public function fillNew()
|
||||
{
|
||||
$this->used = false;
|
||||
|
||||
$tokenText = '';
|
||||
while (true)
|
||||
{
|
||||
$tokenText = md5(mt_rand() . uniqid());
|
||||
$token = TokenModel::tryGetByToken($tokenText);
|
||||
if (!$token)
|
||||
break;
|
||||
}
|
||||
|
||||
$this->token = $tokenText;
|
||||
}
|
||||
|
||||
public function fillFromDatabase($row)
|
||||
|
@ -21,7 +33,8 @@ final class TokenEntity extends AbstractEntity implements IValidatable
|
|||
|
||||
public function validate()
|
||||
{
|
||||
//todo
|
||||
if (empty($this->token))
|
||||
throw new Exception('Trying to save empty token');
|
||||
}
|
||||
|
||||
public function getText()
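Review bot: The token text built in `fillNew()` comes from `md5(mt_rand() . uniqid())`, and neither input is a cryptographically secure source: `mt_rand()` is a seeded Mersenne Twister and `uniqid()` is derived from the current time, so hashing them with MD5 adds no unpredictability. The Mailer context on this page attaches these tokens to a user, so they appear to act as bearer secrets and should come from the CSPRNG, e.g. `$tokenText = bin2hex(random_bytes(16));` on PHP 7+ (or `openssl_random_pseudo_bytes(16)` on older runtimes). The `tryGetByToken()` loop is check-then-use, so uniqueness only holds if the token column also carries a unique constraint, which is not visible here. In the second hunk, `validate()` replaces the `//todo` with an emptiness check only; either validate the expected 32-hex-character shape as well or add a comment such as `// only guards against an unset token; format and length are not checked`.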
|
||||
|
|
|
@ -4,20 +4,20 @@ use \Chibi\Database as Database;
|
|||
|
||||
final class UserEntity extends AbstractEntity implements IValidatable
|
||||
{
|
||||
protected $name;
|
||||
protected $passSalt;
|
||||
protected $passHash;
|
||||
protected $staffConfirmed;
|
||||
protected $emailUnconfirmed;
|
||||
protected $emailConfirmed;
|
||||
protected $joinDate;
|
||||
protected $lastLoginDate;
|
||||
protected $accessRank;
|
||||
private $name;
|
||||
private $passSalt;
|
||||
private $passHash;
|
||||
private $staffConfirmed;
|
||||
private $emailUnconfirmed;
|
||||
private $emailConfirmed;
|
||||
private $joinDate;
|
||||
private $lastLoginDate;
|
||||
private $accessRank;
|
||||
public $settings;
|
||||
protected $banned = false;
|
||||
private $banned = false;
|
||||
|
||||
protected $__passwordChanged = false;
|
||||
protected $__password;
|
||||
private $__passwordChanged = false;
|
||||
private $__password;
|
||||
|
||||
public function fillNew()
|
||||
{
|
||||
|
@ -55,7 +55,7 @@ final class UserEntity extends AbstractEntity implements IValidatable
|
|||
throw new Exception('Trying to save anonymous user into database');
|
||||
}
|
||||
|
||||
protected function validateUserName()
|
||||
private function validateUserName()
|
||||
{
|
||||
$userName = $this->getName();
|
||||
$config = getConfig();
|
||||
|
|
|
@ -72,16 +72,4 @@ final class TokenModel extends AbstractCrudModel
|
|||
if ($token->getExpirationTime() !== null and time() > $token->getExpirationTime())
|
||||
throw new SimpleException('This token has expired');
|
||||
}
|
||||
|
||||
public static function forgeUnusedToken()
|
||||
{
|
||||
$tokenText = '';
|
||||
while (true)
|
||||
{
|
||||
$tokenText = md5(mt_rand() . uniqid());
|
||||
$token = self::tryGetByToken($tokenText);
|
||||
if (!$token)
|
||||
return $tokenText;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|