/**
 * Accessor/mutator for the remember-me handler, which is built lazily on first use.
 *
 * The salt handed to the handler is SHA-512 over the request's User-Agent
 * header concatenated with the configured `security.salt`, with the cache key
 * passed as the default for that lookup. The User-Agent is supplied by the
 * client, so it adds no secrecy; whatever secrecy the salt has comes from the
 * configured value or the cache key.
 *
 * @param mixed $var A rememberMe instance to install; null keeps the current one
 *
 * @return RememberMe\RememberMe The current rememberMe instance
 */
public function rememberMe($var = null)
{
    if ($var !== null) {
        $this->rememberMe = $var;
    }

    // Already configured (or just injected): nothing to build.
    if ($this->rememberMe) {
        return $this->rememberMe;
    }

    /** @var Config $config */
    $config = $this->grav['config'];

    // Token storage backing the RememberMe cookies
    $handler = new RememberMe\RememberMe(new RememberMe\TokenStorage());
    $this->rememberMe = $handler;
    $handler->setCookieName($config->get('plugins.login.rememberme.name'));
    $handler->setExpireTime($config->get('plugins.login.rememberme.timeout'));

    // Bind the salt to the client's User-Agent plus a server-side value.
    // A request without the header falls back to the literal 'unknown'.
    if (isset($_SERVER['HTTP_USER_AGENT'])) {
        $server_agent = $_SERVER['HTTP_USER_AGENT'];
    } else {
        $server_agent = 'unknown';
    }
    $serverSecret = $config->get('security.salt', $this->grav['cache']->getKey());
    $handler->setSalt(hash('sha512', $server_agent . $serverSecret));

    // Scope the cookie to the base path of this Grav install.
    // NOTE(review): only the path is set in this block; confirm the Secure and
    // HttpOnly attributes are applied elsewhere.
    $cookie = new Cookie();
    $cookie->setPath($this->grav['base_url_relative']);
    $handler->setCookie($cookie);

    return $this->rememberMe;
}
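/**
 * Gets and sets the RememberMe class
 *
 * When no instance exists yet, one is built with token storage, the cookie
 * name and timeout from the login plugin configuration, a salt, and a cookie
 * scoped to the Grav base path.
 *
 * @param mixed $var A rememberMe instance to set
 *
 * @return RememberMe\RememberMe Returns the current rememberMe instance
 */
public function rememberMe($var = null)
{
    if ($var !== null) {
        $this->rememberMe = $var;
    }

    if (!$this->rememberMe) {
        /** @var Config $config */
        $config = $this->grav['config'];

        // Setup storage for RememberMe cookies
        $storage = new RememberMe\TokenStorage();
        $this->rememberMe = new RememberMe\RememberMe($storage);
        $this->rememberMe->setCookieName($config->get('plugins.login.rememberme.name'));
        $this->rememberMe->setExpireTime($config->get('plugins.login.rememberme.timeout'));

        // Hardening cookies with user-agent and system based cache key.
        // The header is optional and client-controlled: guard the lookup so a
        // request without it does not raise an undefined-index notice.
        $server_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'unknown';
        $data = $server_agent . $this->grav['cache']->getKey();

        // The salt must be identical on every request for the same client.
        // password_hash() embeds a fresh random salt in its output, so it
        // returned a different value each time this instance was rebuilt, and
        // bcrypt also ignores input past 72 bytes, which a long User-Agent
        // alone can exceed. A plain digest is deterministic and covers the
        // whole input.
        // NOTE(review): presumably the library mixes this salt into the token
        // values it stores and compares; confirm against RememberMe\RememberMe.
        $this->rememberMe->setSalt(hash('sha512', $data));

        // Set cookie with correct base path of Grav install
        $cookie = new Cookie();
        $cookie->setPath($this->grav['base_url_relative']);
        $this->rememberMe->setCookie($cookie);
    }

    return $this->rememberMe;
}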
/**
 * Accessor/mutator for the remember-me handler, which is built lazily on first use.
 *
 * A freshly built handler takes its cookie name and timeout from the login
 * plugin configuration and its salt from `system.security.default_hash`.
 *
 * @param mixed $var A rememberMe instance to install; null keeps the current one
 *
 * @return RememberMe\RememberMe The current rememberMe instance
 */
public function rememberMe($var = null)
{
    if ($var !== null) {
        $this->rememberMe = $var;
    }

    // Already configured (or just injected): nothing to build.
    if ($this->rememberMe) {
        return $this->rememberMe;
    }

    /** @var Config $config */
    $config = $this->grav['config'];

    // Token storage backing the RememberMe cookies
    $handler = new RememberMe\RememberMe(new RememberMe\TokenStorage());
    $this->rememberMe = $handler;
    $handler->setCookieName($config->get('plugins.login.rememberme.name'));
    $handler->setExpireTime($config->get('plugins.login.rememberme.timeout'));

    // Salt comes straight from the system configuration.
    // NOTE(review): no default is passed to get(); confirm what reaches
    // setSalt() when `system.security.default_hash` is not configured.
    $handler->setSalt($config->get('system.security.default_hash'));

    // Scope the cookie to the base path of this Grav install
    $cookie = new Cookie();
    $cookie->setPath($this->grav['base_url_relative']);
    $handler->setCookie($cookie);

    return $this->rememberMe;
}
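/**
 * Reports whether the current request belongs to a logged-in user.
 *
 * A live session (userId set and expiresAt in the future) is renewed for
 * another hour. Otherwise a valid remember-me cookie is used to log the user
 * in and populate the session.
 *
 * @return bool True when a live session exists or the remember-me login
 *              succeeded, false otherwise
 *
 * @throws \Exception With code Resource::STATUS_BAD_REQUEST when the
 *                    remember-me login fails and the authenticator reports
 *                    that the login token was invalid
 */
public function loggedIn()
{
    $sessionLifetime = 3600; // 1 hour

    $rememberMeStorage = new RemembermeMongoStorage($this->getDocumentManager());
    $rememberMe = new Rememberme\Authenticator($rememberMeStorage);

    if (isset($_SESSION['userId'], $_SESSION['expiresAt']) && $_SESSION['expiresAt'] > time()) {
        // Renew session on every activity
        $_SESSION['expiresAt'] = time() + $sessionLifetime;
        return true;
    }

    // No live session: fall back to the remember-me cookie, if one was sent.
    if (empty($_COOKIE[$rememberMe->getCookieName()]) || !$rememberMe->cookieIsValid()) {
        return false;
    }

    $loginresult = $rememberMe->login();
    if ($loginresult) {
        // Load user into session.
        // NOTE(review): the session becomes authenticated here; consider
        // calling session_regenerate_id(true) at this point so a pre-login
        // session id is not carried over.
        $_SESSION['userId'] = $loginresult;
        $_SESSION['expiresAt'] = time() + $sessionLifetime;
        $_SESSION['rememberedByCookie'] = true;

        // The original fell off the end here and returned null, so a
        // successful cookie login looked like "not logged in" to callers.
        return true;
    }

    if ($rememberMe->loginTokenWasInvalid()) {
        throw new \Exception('Remember me cookie invalid!', Resource::STATUS_BAD_REQUEST);
    }

    // Login failed without an invalid-token signal: report it explicitly
    // instead of the implicit null the original returned.
    return false;
}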
session_regenerate_id(true); session_destroy(); } header("Location: index.php"); exit; } // Normally you would store the credentials in a DB $username = "******"; $password = "******"; // Initialize RememberMe Library with file storage $storagePath = dirname(__FILE__) . "/tokens"; if (!is_writable($storagePath) || !is_dir($storagePath)) { die("'{$storagePath}' does not exist or is not writable by the web server.\n To run the example, please create the directory and give it the\n correct permissions."); } $storage = new Rememberme\Storage\File($storagePath); $rememberMe = new Rememberme\Authenticator($storage); // First, we initialize the session, to see if we are already logged in session_start(); if (!empty($_SESSION['username'])) { if (!empty($_GET['logout'])) { $rememberMe->clearCookie($_SESSION['username']); redirect(true); } if (!empty($_GET['completelogout'])) { $storage->cleanAllTriplets($_SESSION['username']); redirect(true); } // Check, if the Rememberme cookie exists and is still valid. // If not, we log out the current session if (!empty($_COOKIE[$rememberMe->getCookieName()]) && !$rememberMe->cookieIsValid()) { redirect(true);