secure fix
This commit is contained in:
parent
fc188482d0
commit
1d7ed112a7
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
$secure_config = [
|
$secure_config = [
|
||||||
'web_auth_type' => 'email_code', // login_password, email_code
|
'web_auth_type' => 'email_code', // login_password, email_code
|
||||||
'token_type' => 'crypt', // random_bytes, md5, crypt, hash, JWT
|
'token_type' => 'hash', // random_bytes, md5, crypt, hash, JWT
|
||||||
'token_expired_time' => "+30 days", // +1 day
|
'token_expired_time' => "+30 days", // +1 day
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|||||||
@ -36,14 +36,16 @@ class SecureRestController extends RestController
|
|||||||
$res = [];
|
$res = [];
|
||||||
if ($model) {
|
if ($model) {
|
||||||
if (password_verify($data["password"], $model->password_hash)) {
|
if (password_verify($data["password"], $model->password_hash)) {
|
||||||
$model->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
|
if ($model->access_token_expires_at < date("Y-m-d H:i:s") or $model->access_token === null){
|
||||||
$model->access_token = match (App::$secure['token_type']) {
|
$model->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
|
||||||
"JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
|
$model->access_token = match (App::$secure['token_type']) {
|
||||||
"md5" => TokenService::md5(),
|
"JWT" => TokenService::JWT($_ENV['SECRET_KEY'], 'HS256'),
|
||||||
"crypt" => TokenService::crypt(),
|
"md5" => TokenService::md5(),
|
||||||
"hash" => TokenService::hash('sha256'),
|
"crypt" => TokenService::crypt(),
|
||||||
default => TokenService::random_bytes(20),
|
"hash" => TokenService::hash('sha256'),
|
||||||
};
|
default => TokenService::random_bytes(20),
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
$res = [
|
$res = [
|
||||||
"access_token" => $model->access_token,
|
"access_token" => $model->access_token,
|
||||||
|
|||||||
@ -32,7 +32,7 @@ class TokenService
|
|||||||
*/
|
*/
|
||||||
public static function md5(): string
|
public static function md5(): string
|
||||||
{
|
{
|
||||||
return md5(microtime() . self::getSalt() . time());
|
return md5(microtime() . self::getSalt(10) . time());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -40,7 +40,7 @@ class TokenService
|
|||||||
*/
|
*/
|
||||||
public static function crypt(): string
|
public static function crypt(): string
|
||||||
{
|
{
|
||||||
return crypt(microtime(), self::getSalt());
|
return crypt(microtime(), self::getSalt(20));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -48,15 +48,15 @@ class TokenService
|
|||||||
*/
|
*/
|
||||||
public static function hash(string $alg): string
|
public static function hash(string $alg): string
|
||||||
{
|
{
|
||||||
return hash($alg, self::getSalt());
|
return hash($alg, self::getSalt(10));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @throws RandomException
|
* @throws RandomException
|
||||||
*/
|
*/
|
||||||
public static function getSalt(): string
|
public static function getSalt(int $length): string
|
||||||
{
|
{
|
||||||
return bin2hex(random_bytes(10));
|
return bin2hex(random_bytes($length));
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue
Block a user