/**
* login(): log in a user. The client must have requested a nonce first.
* @param string $nonce Nonce.
* @param string $username Username.
* @param string $password Password.
* @return TlonSoapResponse Result.
*/
public function login($nonce, $username, $password)
{
if (TlonNonce::check($nonce)) {
return $this->_login($username, $password);
} else {
return $this->returnFailure();
}
}
public function testAddCheck()
{
$nonce = TlonNonce::add();
$this->assertTrue((bool) $nonce);
$this->assertTrue(TlonNonce::check($nonce));
}
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
require_once 'class.tlondata.php';
require_once 'class.tlonhash.php';
TlonNonce::$TABLE = new TlonDataTable('tl_nonce', 'nonce, created');
class TlonNonce
{
public static $TABLE = null;
const MAX_AGE = 720;
# 2 minutes
/**
* add(): Make a new nonce, insert in the TABLE, and return it.
* @return string New nonce, or false if add failed.
*/
public static function add()
{
self::clean();
$nonce = TlonHash::hash(TlonHash::salt(), $_SERVER['REMOTE_ADDR']);
if (TlonData::insert(self::$TABLE, array($nonce, time()))) {
return $nonce;