/**
  * Get a new session ID that isn't assigned to any current session.
  *
  * @return string
  */
 public function id()
 {
     $session = array();
     // We'll containue generating random IDs until we find an ID that is
     // not currently assigned to a session. This is almost definitely
     // going to happen on the first iteration.
     do {
         $session = $this->load($id = Str::random(40));
     } while (!is_null($session));
     return $id;
 }
Пример #2
0
 public static function set_app_key($arguments = array())
 {
     $key = Str::random(array_get($arguments, 0, 32));
     // Set application config file key
     $config_path = path('app') . 'config' . DS . 'application' . EXT;
     $config = File::get($config_path);
     $newConfig = str_replace("'key' => '',", "'key' => '{$key}',", $config, $count);
     if (isset($newConfig) and $newConfig != '') {
         if ($count > 0) {
             File::put($config_path, $newConfig);
             Log::info('App configuration updated with secure key');
         }
     } else {
         Log::error('App configuration secure was not updated with secure key. A key already exists.');
     }
 }
Пример #3
0
 /**
  * Get a new session ID that isn't assigned to any current session.
  *
  * @return string
  */
 public function id()
 {
     $session = array();
     // If the driver is an instance of the Cookie driver, we are able to
     // just return any string since the Cookie driver has no real idea
     // of a server side persisted session with an ID.
     if ($this instanceof Cookie) {
         return Str::random(40);
     }
     // We'll continue generating random IDs until we find an ID that is
     // not currently assigned to a session. This is almost definitely
     // going to happen on the first iteration.
     do {
         $session = $this->load($id = Str::random(40));
     } while (!is_null($session));
     return $id;
 }
Пример #4
0
 /**
  * Generate a random key for the application.
  *
  * @param  array  $arguments
  * @return void
  */
 public function generate($arguments = array())
 {
     // By default the Crypter class uses AES-256 encryption which uses
     // a 32 byte input vector, so that is the length of string we will
     // generate for the application token unless another length is
     // specified through the CLI.
     $key = Str::random(array_get($arguments, 0, 32));
     $config = File::get($this->path);
     $config = str_replace("'key' => '',", "'key' => '{$key}',", $config, $count);
     File::put($this->path, $config);
     if ($count > 0) {
         echo "Configuration updated with secure key!";
     } else {
         echo "An application key already exists!";
     }
     echo PHP_EOL;
 }
Пример #5
0
 /**
  * Load the session for the current request.
  *
  * @param  string  $id
  * @return void
  */
 public function load($id)
 {
     if (!is_null($id)) {
         $this->session = $this->driver->load($id);
     }
     // If the session doesn't exist or is invalid we will create a new session
     // array and mark the session as being non-existent. Some drivers, such as
     // the database driver, need to know whether it exists.
     if (is_null($this->session) or static::expired($this->session)) {
         $this->exists = false;
         $this->session = $this->driver->fresh();
     }
     // A CSRF token is stored in every session. The token is used by the Form
     // class and the "csrf" filter to protect the application from cross-site
     // request forgery attacks. The token is simply a random string.
     if (!$this->has(Session::csrf_token)) {
         $this->put(Session::csrf_token, Str::random(40));
     }
 }
Пример #6
0
 /**
  * Test the Auth::recall method.
  *
  * @group laravel
  */
 public function testUserCanBeRecalledViaCookie()
 {
     Session::$instance = new Payload($this->getMock('Laravel\\Session\\Drivers\\Driver'));
     $cookie = Crypter::encrypt('1|' . Str::random(40));
     Cookie::forever('authloginstub_remember', $cookie);
     $auth = new AuthLoginStub();
     $this->assertEquals('Taylor Otwell', $auth->user()->name);
     $this->assertTrue($auth->user()->id === $_SERVER['auth.login.stub']['user']);
 }
Пример #7
0
 /**
  * Store a user's token in a long-lived cookie.
  *
  * @param  string  $token
  * @return void
  */
 protected function remember($token)
 {
     $token = Crypter::encrypt($token . '|' . Str::random(40));
     $this->cookie($this->recaller(), $token, Cookie::forever);
 }
Пример #8
0
 /**
  * Assign a new, random ID to the session.
  *
  * @return void
  */
 public function regenerate()
 {
     $this->session['id'] = Str::random(40);
     $this->exists = false;
 }
Пример #9
0
 public static function make($value, $rounds = 8)
 {
     $work = str_pad($rounds, 2, '0', STR_PAD_LEFT);
     if (function_exists('openssl_random_pseudo_bytes')) {
         $salt = openssl_random_pseudo_bytes(16);
     } else {
         $salt = Str::random(40);
     }
     $salt = substr(strtr(base64_encode($salt), '+', '.'), 0, 22);
     return crypt($value, '$2a$' . $work . '$' . $salt);
 }