authoremkael <emkael@tlen.pl>2016-10-31 17:22:13 +0100
committeremkael <emkael@tlen.pl>2016-10-31 17:22:59 +0100
commit53597812732c7891b087ef9de9788b824326dd93 (patch)
tree72b8077d20d7484f63065c0700e875c721ded450 /app/frontend/user/SecurityManager.php
parent92b23923644d22b1e422631bc18fd1527b0b5399 (diff)
* SecurityManager which persist validation/encryption keys outside of global state cache
Diffstat (limited to 'app/frontend/user/SecurityManager.php')
-rw-r--r--app/frontend/user/SecurityManager.php85
1 files changed, 85 insertions, 0 deletions
diff --git a/app/frontend/user/SecurityManager.php b/app/frontend/user/SecurityManager.php
new file mode 100644
index 0000000..b83174c
--- /dev/null
+++ b/app/frontend/user/SecurityManager.php
@@ -0,0 +1,85 @@
+<?php
+
+Prado::using('System.Security.TSecurityManager');
+PRado::using('System.Xml.TXmlDocument');
+
+class SecurityManager extends TSecurityManager {
+
+ private $_configFile;
+ private $_validationKey;
+ private $_encryptionKey;
+
+ public function setConfigFile($path) {
+ $this->_configFile = Prado::getPathOfNamespace($path, '.xml');
+ $this->_restoreKeys();
+ }
+
+ public function getValidationKey() {
+ if (!$this->_configFile) {
+ return parent::getValidationKey();
+ }
+ if (!$this->_validationKey) {
+ $this->_storeKeys($this->_encryptionKey, $this->generateRandomKey());
+ }
+ return $this->_validationKey;
+ }
+
+ public function setValidationKey($key) {
+ parent::setValidationKey($key);
+ if ($this->_configFile) {
+ $this->_storeKeys($this->_encryptionKey, $key);
+ }
+ }
+
+ public function getEncryptionKey() {
+ if (!$this->_configFile) {
+ return parent::getEncryptionKey();
+ }
+ if (!$this->_encryptionKey) {
+ $this->_storeKeys($this->generateRandomKey(), $this->_validationKey);
+ }
+ return $this->_encryptionKey;
+ }
+
+ public function setEncryptionKey($key) {
+ parent::setEncryptionKey($key);
+ if ($this->_configFile) {
+ $this->_storeKeys($key, $this->_validationKey);
+ }
+ }
+
+ private function _restoreKeys() {
+ if ($this->_configFile) {
+ try {
+ $xml = new TXmlDocument();
+ $xml->loadFromFile($this->_configFile);
+ foreach ($xml->getELementsByTagName('key') as $key) {
+ $this->{'_' . $key->Attributes['for'] . 'Key'} = $key->Value;
+ }
+ } catch (TIOException $e) {}
+ }
+ }
+
+ private function _storeKeys($encryptionKey, $validationKey) {
+ $this->_encryptionKey = $encryptionKey;
+ $this->_validationKey = $validationKey;
+ if ($this->_configFile) {
+ $xml = new TXmlDocument();
+ $xml->TagName = 'keys';
+ $encElement = new TXmlElement('key');
+ $encElement->Attributes['for'] = 'encryption';
+ $encElement->Value = $this->_encryptionKey;
+ $xml->Elements[] = $encElement;
+ $valElement = new TXmlElement('key');
+ $valElement->Attributes['for'] = 'validation';
+ $valElement->Value = $this->_validationKey;
+ $xml->Elements[] = $valElement;
+ @chmod($this->_configFile, 0600);
+ $xml->saveToFile($this->_configFile);
+ chmod($this->_configFile, 0400);
+ }
+ }
+
+}
+
+?>
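Review bot: In `_storeKeys` the key file is created by `saveToFile()` before any restrictive mode is in place: on the first run `@chmod($this->_configFile, 0600)` fails silently because the file does not exist yet, so the keys are written under the process umask and stay that way until the trailing `chmod(..., 0400)`, whose return value is never checked. The file is also rewritten in place, so a concurrent request in `_restoreKeys` may see a partially written file and end up generating and storing different keys. Writing to an owner-only temporary file in the same directory and renaming it over the target would close both gaps, as sketched below. Separately, `_restoreKeys` builds a property name from the `for` attribute; accepting only `encryption` and `validation` there would keep a malformed file from setting other `_…Key` properties.

```php
// … unchanged: $xml built with the two <key> elements …
// tempnam() creates the file with mode 0600, so the keys are owner-only from the first byte
$tmpFile = tempnam(dirname($this->_configFile), 'keys');
if ($tmpFile === false) {
    throw new TIOException('Unable to create temporary key file');
}
$xml->saveToFile($tmpFile);
// rename() replaces the old file in one step; fail loudly instead of leaving loose permissions
if (!chmod($tmpFile, 0400) || !rename($tmpFile, $this->_configFile)) {
    @unlink($tmpFile);
    throw new TIOException('Unable to persist key file');
}
```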