public static function generate() { $sk = base64_encode(Encryption::enc(self::getData(), self::getSalt())); return $sk; }
/** * For newly created sessions initial data is required, * such as client information, private salt and such. */ private function setup() { // No need? if (self::g('client') != "") { return; } // Setup! self::s('client', Encryption::enc($this->client, Site::getKey('session'))); self::s('created', date("Y-m-d H:i:s")); // Every Session use a unique key; see getInternalKey(). // $this->buildInternalKey(); $this->set("end", "now."); }
if (!($jdata = json_decode($data, true))) { throw new RuntimeException("Unable to parse input."); } if (empty($jdata["credentials"])) { throw new RuntimeException("Received credentials are missing."); } // Read credentials $cred_obj = explode(" ", base64_decode($jdata['credentials'])); if (count($cred_obj) < 2) { throw new RuntimeException("Received credentials are malformed."); } // This is where you normally handle the call, i.e.. $res = Api::handleRequest($jdata); // Username and passphrase successfully read. $username = $cred_obj[0]; $passphrase = $cred_obj[1]; // Set asymmetric key to be used in future communication $session = Session::getInstance(); $session->set(Session::TRANSPORT_KEY, Encryption::genGarbage(Session::KEYSIZE)); // Clear login key $session->set(Captcha::KEY_LOGIN, null); // Let's say that everything went well and Citizen $username was loaded successfully. $res = array("id" => 123, "username" => $username, Session::STORAGE_KEY => base64_encode(Session::getStorageKey()), Session::TRANSPORT_KEY => base64_encode($session->get(Session::TRANSPORT_KEY))); // This is where you normally pass $res (Api::handleRequest()) to whatever renderer is available. /* Output */ $output = json_encode(array("result" => $res)); die(Encryption::enc($output, $key)); } catch (Exception $e) { $output = json_encode(array("error" => array("code" => 1, "message" => $e->getMessage()))); trigger_error($e->getMessage()); die(Encryption::enc($output, $key)); }