/** * Sets/refreshes the "remember me" for the currently connected user. * If the headers have already been sent, this method returns false. * @throws BadMethodCallException If no user logged in. * @return boolean Whether the cookie was set. */ public function setLoginCookie() { $user = $this->getCurrentUser(); if ($user == null) { throw new BadMethodCallException("Tried to create 'Remember me' cookie while not logged in"); } if (headers_sent()) { return false; } $expires = time() + 60 * 60 * 24 * 30; // Expires in 30 days $hash = HashHelper::hash($expires . "|" . $user->getPasswordHashed()); $cookie_value = $user->getId() . "|" . $hash . "|" . $expires; setcookie(self::AUTHENTIATION_COOKIE, $cookie_value, $expires, '/'); return true; }
/** * Creates a new token. * @return RequestToken The token. */ public static final function generateNew() { return new RequestToken(HashHelper::randomString()); }
/** * Hashes the password using blowfish, or something weaker if blowfish is * not available. Using <code>crypt($pass,$hash)==$hash)</code> (or the * method verify_password) you can check if the given password matches the * hash. * @param string $password The password to hash. * @return string The hashed password. */ public static function hashPassword($password) { return HashHelper::hash($password); }