creste secret key
This commit is contained in:
parent
7ccf0957bf
commit
c9fe2f160a
@ -8,4 +8,6 @@ DB_COLLATION=utf8_unicode_ci
|
||||
DB_PREFIX=''
|
||||
|
||||
VIEWS_PATH=/views
|
||||
VIEWS_CACHE_PATH=/views_cache
|
||||
VIEWS_CACHE_PATH=/views_cache
|
||||
|
||||
SECRET_KEY=''
|
@ -6,6 +6,7 @@ $dotenv->load();
|
||||
|
||||
include_once __DIR__ . "/bootstrap/db.php";
|
||||
include_once __DIR__ . "/bootstrap/header.php";
|
||||
include_once __DIR__ . "/bootstrap/secure.php";
|
||||
const ROOT_DIR = __DIR__;
|
||||
const KERNEL_DIR = __DIR__ . "/kernel";
|
||||
const KERNEL_MODULES_DIR = __DIR__ . "/kernel/modules";
|
||||
|
8
bootstrap/secure.php
Normal file
8
bootstrap/secure.php
Normal file
@ -0,0 +1,8 @@
|
||||
<?php
|
||||
|
||||
$secure_config = [
|
||||
'token_type' => 'random_bytes', // random_bytes, md5, crypt, hash
|
||||
'token_expired_time' => "+30 days", // +1 day
|
||||
];
|
||||
|
||||
\kernel\App::$secure = $secure_config;
|
@ -16,7 +16,8 @@
|
||||
"itguild/eloquent-table": "^0.4.1",
|
||||
"ext-zip": "*",
|
||||
"josantonius/session": "^2.0",
|
||||
"firebase/php-jwt": "^6.10"
|
||||
"firebase/php-jwt": "^6.10",
|
||||
"k-adam/env-editor": "^2.0"
|
||||
},
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
|
55
composer.lock
generated
55
composer.lock
generated
@ -4,7 +4,7 @@
|
||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||
"This file is @generated automatically"
|
||||
],
|
||||
"content-hash": "c51d9ca5b40e143a4d89e80120b7cba8",
|
||||
"content-hash": "da3890f2b5b477bf758306141b8c8583",
|
||||
"packages": [
|
||||
{
|
||||
"name": "brick/math",
|
||||
@ -1038,6 +1038,57 @@
|
||||
],
|
||||
"time": "2024-05-20T09:12:44+00:00"
|
||||
},
|
||||
{
|
||||
"name": "k-adam/env-editor",
|
||||
"version": "2.0.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/K-Adam/php-env-editor.git",
|
||||
"reference": "894855dff5df4e6fce3c83dd00941a19f99fc5d5"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/K-Adam/php-env-editor/zipball/894855dff5df4e6fce3c83dd00941a19f99fc5d5",
|
||||
"reference": "894855dff5df4e6fce3c83dd00941a19f99fc5d5",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"php": ">=8.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"phpunit/phpunit": "9.5"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"EnvEditor\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "Adam Kecskes",
|
||||
"email": "kecskes.adam@outlook.com"
|
||||
}
|
||||
],
|
||||
"description": ".env editor library",
|
||||
"keywords": [
|
||||
"dot-env",
|
||||
"env",
|
||||
"env-editor",
|
||||
"env-loader",
|
||||
"env-php",
|
||||
"env-writer"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/K-Adam/php-env-editor/issues",
|
||||
"source": "https://github.com/K-Adam/php-env-editor/tree/2.0.0"
|
||||
},
|
||||
"time": "2022-06-05T11:17:23+00:00"
|
||||
},
|
||||
{
|
||||
"name": "madesimple/php-arrays",
|
||||
"version": "v2.1.0",
|
||||
@ -2625,5 +2676,5 @@
|
||||
"ext-zip": "*"
|
||||
},
|
||||
"platform-dev": [],
|
||||
"plugin-api-version": "2.6.0"
|
||||
"plugin-api-version": "2.3.0"
|
||||
}
|
||||
|
@ -20,6 +20,8 @@ class App
|
||||
|
||||
static User $user;
|
||||
|
||||
static array $secure;
|
||||
|
||||
public ModuleService $moduleService;
|
||||
|
||||
public static Database $db;
|
||||
|
25
kernel/console/controllers/SecureController.php
Normal file
25
kernel/console/controllers/SecureController.php
Normal file
@ -0,0 +1,25 @@
|
||||
<?php
|
||||
|
||||
namespace kernel\console\controllers;
|
||||
|
||||
use kernel\console\ConsoleController;
|
||||
use kernel\services\TokenService;
|
||||
use Random\RandomException;
|
||||
|
||||
class SecureController extends ConsoleController
|
||||
{
|
||||
|
||||
/**
|
||||
* @throws RandomException
|
||||
*/
|
||||
public function actionCreateSecretKey(): void
|
||||
{
|
||||
$envFile = \EnvEditor\EnvFile::loadFrom(ROOT_DIR . "/.env");
|
||||
|
||||
$envFile->setValue("SECRET_KEY", TokenService::random_bytes(15));
|
||||
|
||||
$envFile->saveTo(ROOT_DIR . "/.env");
|
||||
$this->out->r("Secret key successfully created.", "green");
|
||||
}
|
||||
|
||||
}
|
@ -17,6 +17,10 @@ App::$collector->group(["prefix" => "admin-theme"], callback: function (RouteCol
|
||||
App::$collector->console('uninstall', [\kernel\console\controllers\AdminThemeController::class, 'actionUninstallTheme']);
|
||||
});
|
||||
|
||||
App::$collector->group(["prefix" => "secure"], callback: function (RouteCollector $router){
|
||||
App::$collector->console('create-secret-key', [\kernel\console\controllers\SecureController::class, 'actionCreateSecretKey']);
|
||||
});
|
||||
|
||||
App::$collector->group(["prefix" => "admin"], callback: function (RouteCollector $router){
|
||||
App::$collector->console('init', [\kernel\console\controllers\AdminConsoleController::class, 'actionInit']);
|
||||
});
|
||||
|
@ -5,10 +5,12 @@ namespace kernel\modules\secure\controllers;
|
||||
use Firebase\JWT\JWT;
|
||||
use Firebase\JWT\Key;
|
||||
use JetBrains\PhpStorm\NoReturn;
|
||||
use kernel\App;
|
||||
use kernel\helpers\Debug;
|
||||
use kernel\modules\user\models\User;
|
||||
use kernel\Request;
|
||||
use kernel\RestController;
|
||||
use kernel\services\TokenService;
|
||||
|
||||
class SecureRestController extends RestController
|
||||
{
|
||||
@ -25,21 +27,13 @@ class SecureRestController extends RestController
|
||||
$res = [];
|
||||
if ($model) {
|
||||
if (password_verify($data["password"], $model->password_hash)) {
|
||||
$baseUrl = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
|
||||
$baseUrl .= $_SERVER['HTTP_HOST'];
|
||||
// $baseUrl .= $_SERVER['REQUEST_URI'];;
|
||||
$jwt = JWT::encode(
|
||||
payload: [
|
||||
"iat" => time(),
|
||||
"exp" => date("Y-m-d H:i:s", strtotime("+30 days"))
|
||||
],
|
||||
key: $model->password_hash,
|
||||
alg: 'HS256'
|
||||
);
|
||||
|
||||
$model->access_token = $jwt;
|
||||
$model->access_token_expires_at =
|
||||
JWT::decode($jwt, new Key($model->password_hash, 'HS256'))->exp;
|
||||
$model->access_token_expires_at = date("Y-m-d H:i:s", strtotime(App::$secure['token_expired_time']));
|
||||
switch (App::$secure['token_type']){
|
||||
case "JWT":
|
||||
$model->access_token = TokenService::JWT($_ENV['SECRET_KEY'], 'HS256');
|
||||
default:
|
||||
$model->access_token = TokenService::random_bytes(20);
|
||||
}
|
||||
|
||||
$res = [
|
||||
"access_token" => $model->access_token,
|
||||
|
29
kernel/services/TokenService.php
Normal file
29
kernel/services/TokenService.php
Normal file
@ -0,0 +1,29 @@
|
||||
<?php
|
||||
|
||||
namespace kernel\services;
|
||||
|
||||
use Firebase\JWT\JWT;
|
||||
use Random\RandomException;
|
||||
|
||||
class TokenService
|
||||
{
|
||||
|
||||
public static function JWT(string|\OpenSSLCertificate|\OpenSSLAsymmetricKey $key, string $alg, array $payload = []): string
|
||||
{
|
||||
return JWT::encode(
|
||||
payload: $payload,
|
||||
key: $key,
|
||||
alg: $alg
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws RandomException
|
||||
*/
|
||||
public static function random_bytes(int $ln): string
|
||||
{
|
||||
$token = random_bytes($ln);
|
||||
return bin2hex($token);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user