public function testHashData() { $data = 'known data'; $key = 'secret'; $hashedData = Security::hashData($data, $key); $this->assertFalse($data === $hashedData); $this->assertEquals($data, Security::validateData($hashedData, $key)); $hashedData[strlen($hashedData) - 1] = 'A'; $this->assertFalse(Security::validateData($hashedData, $key)); }
/** * Sends the cookies to the client. */ protected function sendCookies() { if ($this->_cookies === null) { return; } $request = Yii::$app->getRequest(); if ($request->enableCookieValidation) { $validationKey = $request->getCookieValidationKey(); } foreach ($this->getCookies() as $cookie) { $value = $cookie->value; if ($cookie->expire != 1 && isset($validationKey)) { $value = Security::hashData(serialize($value), $validationKey); } setcookie($cookie->name, $value, $cookie->expire, $cookie->path, $cookie->domain, $cookie->secure, $cookie->httpOnly); } $this->getCookies()->removeAll(); }
public function processResponse($event) { /** @var \yii\web\Response $response */ $response = $event->sender; $request = Yii::$app->getRequest(); $this->headers = $response->getHeaders()->toArray(); $response->getHeaders()->removeAll(); $this->statusCode = $response->getStatusCode(); $cookies = $response->getCookies(); if ($request->enableCookieValidation) { $validationKey = $request->getCookieValidationKey(); } foreach ($cookies as $cookie) { /** @var \yii\web\Cookie $cookie */ $value = $cookie->value; if ($cookie->expire != 1 && isset($validationKey)) { $value = Security::hashData(serialize($value), $validationKey); } $c = new Cookie($cookie->name, $value, $cookie->expire, $cookie->path, $cookie->domain, $cookie->secure, $cookie->httpOnly); $this->getCookieJar()->set($c); } $cookies->removeAll(); }
public function getUniqueToken($id = null) { $id = is_null($id) ? $this->user_id : $id; switch (($user = User::find((int) $id)) == null) { case true: throw new NotFoundHttpException('The requested user does not exist.'); break; } switch ($user->api_key == null) { case true: $user->generateApiToken(); break; } return \yii\helpers\Security::hashData(uniqid(), $user->api_key, 'fnv164'); }