SignatureHasher
in package
Creates and validates secure hashes used in login links and remember-me cookies.
Tags
Table of Contents
Properties
- $expiredSignaturesStorage : mixed
- $maxUses : int|null
- $propertyAccessor : mixed
- $secret : string
- $signatureProperties : array<string|int, mixed>
Methods
- __construct() : mixed
- acceptSignatureHash() : void
- Verifies the hash using the provided user identifier and expire time.
- computeSignatureHash() : string
- Computes the secure hash for the provided user and expire time.
- verifySignatureHash() : void
- Verifies the hash using the provided user and expire time.
- generateHash() : string
Properties
$expiredSignaturesStorage
private
mixed
$expiredSignaturesStorage
$maxUses
private
int|null
$maxUses
$propertyAccessor
private
mixed
$propertyAccessor
$secret
private
string
$secret
$signatureProperties
private
array<string|int, mixed>
$signatureProperties
Methods
__construct()
public
__construct(PropertyAccessorInterface $propertyAccessor, array<string|int, mixed> $signatureProperties, string $secret[, ExpiredSignatureStorage|null $expiredSignaturesStorage = null ][, int|null $maxUses = null ]) : mixed
Parameters
- $propertyAccessor : PropertyAccessorInterface
- $signatureProperties : array<string|int, mixed>
-
Properties of the User; the hash is invalidated if these properties change
- $secret : string
- $expiredSignaturesStorage : ExpiredSignatureStorage|null = null
-
If provided, secures a sequence of hashes that are expired
- $maxUses : int|null = null
-
Used together with $expiredSignatureStorage to allow a maximum usage of a hash
acceptSignatureHash()
Verifies the hash using the provided user identifier and expire time.
public
acceptSignatureHash(string $userIdentifier, int $expires, string $hash) : void
This method must be called before the user object is loaded from a provider.
Parameters
- $userIdentifier : string
- $expires : int
-
The expiry time as a unix timestamp
- $hash : string
-
The plaintext hash provided by the request
Tags
computeSignatureHash()
Computes the secure hash for the provided user and expire time.
public
computeSignatureHash(UserInterface $user, int $expires) : string
Parameters
- $user : UserInterface
- $expires : int
-
The expiry time as a unix timestamp
Return values
stringverifySignatureHash()
Verifies the hash using the provided user and expire time.
public
verifySignatureHash(UserInterface $user, int $expires, string $hash) : void
Parameters
- $user : UserInterface
- $expires : int
-
The expiry time as a unix timestamp
- $hash : string
-
The plaintext hash provided by the request
Tags
generateHash()
private
generateHash(string $tokenValue) : string
Parameters
- $tokenValue : string