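* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
namespace sqrlexample;

use Trianglman\Sqrl\SqrlStoreInterface;

require_once __DIR__ . '/../vendor/autoload.php';

// Account page. The markup below is only meant to be served when the session
// holds a 'publicKey' for which the store returns an authentication record.
session_start();

$config = new \Trianglman\Sqrl\SqrlConfiguration();
$config->load(__DIR__ . '/../config/sqrlconfig.json');
$store = new \Trianglman\Sqrl\SqrlStore($config);

// Start from "no account" so the gate below fails closed when the session has no key.
$account = null;
if (isset($_SESSION['publicKey'])) {
    // The lookup result must land in $account: the original assigned it to a
    // misspelled "$acccount", so the gate below never saw the record and
    // treated every visitor as unauthenticated.
    $account = $store->retrieveAuthenticationRecord(
        $_SESSION['publicKey'],
        array(SqrlStoreInterface::SUK, SqrlStoreInterface::VUK)
    );
}

if (empty($account)) {
    //send the user back to the index page to get a new nonce
    header('Location: /index.php', true, 303);
    // header() only queues the redirect; without exit the script keeps running
    // and the account markup below is still sent in the response body to a
    // client that has no authenticated session.
    exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>SQRL Account</title>
</head>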
* * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ namespace sqrlexample; require_once __DIR__ . '/../../vendor/autoload.php'; $config = new \Trianglman\Sqrl\SqrlConfiguration(); $config->load(__DIR__ . '/../../config/sqrlconfig.json'); $db = new \PDO($config->getDsn(), $config->getUsername(), $config->getPassword()); $store = new \Trianglman\Sqrl\SqrlStore($config); $store->setDatabaseConnection($db); $validated = false; if (isset($_SESSION['nonce'])) { $validated = (int) $store->retrieveNutRecord($_SESSION['nonce'], array(\Trianglman\Sqrl\SqrlStoreInterface::VERIFIED)) > 0; if ($validated) { //TODO: create a utility function in SqrlStore that will do this work for the developer $SQL = "SELECT related_public_key FROM sqrl_nonce n JOIN sqrl_nonce_relationship r ON r.new_nonce = n.nonce WHERE r.old_nonce = ?"; $stmt = $db->prepare($SQL); $stmt->execute(array($_SESSION['nonce'])); $result = $stmt->fetchColumn(0); //Update the session with a user identifier instead of the nonce $_SESSION['publicKey'] = $result[0]; unset($_SESSION['nonce']); unset($_SESSION['generatedTime']); header('Location: /account.php', true, 303);