public static function generate()
{
$sk = base64_encode(Encryption::enc(self::getData(), self::getSalt()));
return $sk;
}
/**
* For newly created sessions initial data is required,
* such as client information, private salt and such.
*/
private function setup()
{
// No need?
if (self::g('client') != "") {
return;
}
// Setup!
self::s('client', Encryption::enc($this->client, Site::getKey('session')));
self::s('created', date("Y-m-d H:i:s"));
// Every Session use a unique key; see getInternalKey().
//
$this->buildInternalKey();
$this->set("end", "now.");
}
if (!($jdata = json_decode($data, true))) {
throw new RuntimeException("Unable to parse input.");
}
if (empty($jdata["credentials"])) {
throw new RuntimeException("Received credentials are missing.");
}
// Read credentials
$cred_obj = explode(" ", base64_decode($jdata['credentials']));
if (count($cred_obj) < 2) {
throw new RuntimeException("Received credentials are malformed.");
}
// This is where you normally handle the call, i.e.. $res = Api::handleRequest($jdata);
// Username and passphrase successfully read.
$username = $cred_obj[0];
$passphrase = $cred_obj[1];
// Set asymmetric key to be used in future communication
$session = Session::getInstance();
$session->set(Session::TRANSPORT_KEY, Encryption::genGarbage(Session::KEYSIZE));
// Clear login key
$session->set(Captcha::KEY_LOGIN, null);
// Let's say that everything went well and Citizen $username was loaded successfully.
$res = array("id" => 123, "username" => $username, Session::STORAGE_KEY => base64_encode(Session::getStorageKey()), Session::TRANSPORT_KEY => base64_encode($session->get(Session::TRANSPORT_KEY)));
// This is where you normally pass $res (Api::handleRequest()) to whatever renderer is available.
/* Output */
$output = json_encode(array("result" => $res));
die(Encryption::enc($output, $key));
} catch (Exception $e) {
$output = json_encode(array("error" => array("code" => 1, "message" => $e->getMessage())));
trigger_error($e->getMessage());
die(Encryption::enc($output, $key));
}
