/** * Generate a token for the currently logged in user. */ protected function drupalGetToken($value = '') { $private_key = drupal_get_private_key(); return drupal_hmac_base64($value, $this->session_id . $private_key); }
/** * Modify information about cookies set by other modules. * * In this example the simple nocache-cookie is replaced with a a HMAC bound to * the session. Note that for this example to be effective it is necessary to * implement a corresponding validation function suitable for the caching * backend in place. Point the variable authcache_builtin_nocache_get to the * name of an appropriate implementation when the default builtin cache backend * is used. * * $conf['authcache_builtin_nocache_get'] = 'my_nocache_get'; * * @see hook_authcache_cookie() * @see authcache_fix_cookies() * @see _authcacheinc_default_nocache_get() */ function hook_authcache_cookie_alter(&$cookies, $account) { global $user; if (!empty($cookies['nocache']['present'])) { if ($user->uid) { $hmac = drupal_hmac_base64('nocache', session_id() . variable_get('my_nocache_auth_key')); } else { $hmac = drupal_hmac_base64('nocache', ip_address() . variable_get('my_nocache_auth_key')); } $cookies['nocache']['value'] = $hmac; } }