/**
* Validate a token.
*
* Tokens should be deleted if they are generated as one-time tokens
* with a unique ID each time. If the are per-session, then they should be
* generated with the same unique ID and not deleted when validated here.
*
* @param string $token Token to validate.
* @param boolean $delete Whether to delete the token if valid.
* @param boolean $checkExpire Whether to check for token expiry.
*
* @return boolean
*/
public function validate($token, $delete = true, $checkExpire = true)
{
if (!$token) {
return false;
}
list($id, $hash, $timestamp) = $this->tokenGenerator->decode($token);
$decoded = array('id' => $id, 'time' => $timestamp);
// Garbage collect the session.
$this->tokenGenerator->garbageCollection();
// Check if token ID exists first.
$stored = $this->storage->get($decoded['id']);
if (!$stored) {
return false;
}
// Check if the token has been tampered with.
$duplicateToken = $this->tokenGenerator->generate($decoded['id'], $decoded['time'])->getToken();
if ($stored['token'] !== $duplicateToken) {
$this->storage->delete($decoded['id']);
return false;
}
// Check if token has expired.
if ($checkExpire) {
$timeDiff = (int) $decoded['time'] + $this->tokenGenerator->getMaxLifetime() - time();
if ($timeDiff < 0) {
$this->storage->delete($decoded['id']);
return false;
}
}
// All checked out, delete the token and return true.
if ($delete) {
$this->storage->delete($decoded['id']);
}
return true;
}
/**
* @param $index
* @return Node|null
*/
protected function _get($index)
{
if ($this->storage === null) {
return null;
}
$data = $this->storage->get($index);
if ($data === null) {
return null;
}
$node = new Node();
$node->pointer = $index;
$node->unpack($data);
return $node;
}
/**
* returns the info on the last user's request
*
* @return NULL array
*/
public function getRequest()
{
return $this->storage->get();
}
/**
* Returns a value from storage searched by it' key
*
* @param string $key
* Id of element in storage
*/
public function get($key)
{
return $this->storage->get($key);
}
