From 53597812732c7891b087ef9de9788b824326dd93 Mon Sep 17 00:00:00 2001
From: emkael
Date: Mon, 31 Oct 2016 17:22:13 +0100
Subject: * SecurityManager which persist validation/encryption keys outside of global state cache
---
app/frontend/user/SecurityManager.php | 85 +++++++++++++++++++++++++++++++++++
app/frontend/user/config.xml | 2 +
2 files changed, 87 insertions(+)
create mode 100644 app/frontend/user/SecurityManager.php
(limited to 'app/frontend/user')
diff --git a/app/frontend/user/SecurityManager.php b/app/frontend/user/SecurityManager.php
new file mode 100644
index 0000000..b83174c
--- /dev/null
+++ b/app/frontend/user/SecurityManager.php
@@ -0,0 +1,85 @@
+_configFile = Prado::getPathOfNamespace($path, '.xml');
+ $this->_restoreKeys();
+ }
+
+ public function getValidationKey() {
+ if (!$this->_configFile) {
+ return parent::getValidationKey();
+ }
+ if (!$this->_validationKey) {
+ $this->_storeKeys($this->_encryptionKey, $this->generateRandomKey());
+ }
+ return $this->_validationKey;
+ }
+
+ public function setValidationKey($key) {
+ parent::setValidationKey($key);
+ if ($this->_configFile) {
+ $this->_storeKeys($this->_encryptionKey, $key);
+ }
+ }
+
+ public function getEncryptionKey() {
+ if (!$this->_configFile) {
+ return parent::getEncryptionKey();
+ }
+ if (!$this->_encryptionKey) {
+ $this->_storeKeys($this->generateRandomKey(), $this->_validationKey);
+ }
+ return $this->_encryptionKey;
+ }
+
+ public function setEncryptionKey($key) {
+ parent::setEncryptionKey($key);
+ if ($this->_configFile) {
+ $this->_storeKeys($key, $this->_validationKey);
+ }
+ }
+
+ private function _restoreKeys() {
+ if ($this->_configFile) {
+ try {
+ $xml = new TXmlDocument();
+ $xml->loadFromFile($this->_configFile);
+ foreach ($xml->getELementsByTagName('key') as $key) {
+ $this->{'_' . $key->Attributes['for'] . 'Key'} = $key->Value;
+ }
+ } catch (TIOException $e) {}
+ }
+ }
+
+ private function _storeKeys($encryptionKey, $validationKey) {
+ $this->_encryptionKey = $encryptionKey;
+ $this->_validationKey = $validationKey;
+ if ($this->_configFile) {
+ $xml = new TXmlDocument();
+ $xml->TagName = 'keys';
+ $encElement = new TXmlElement('key');
+ $encElement->Attributes['for'] = 'encryption';
+ $encElement->Value = $this->_encryptionKey;
+ $xml->Elements[] = $encElement;
+ $valElement = new TXmlElement('key');
+ $valElement->Attributes['for'] = 'validation';
+ $valElement->Value = $this->_validationKey;
+ $xml->Elements[] = $valElement;
+ @chmod($this->_configFile, 0600);
+ $xml->saveToFile($this->_configFile);
+ chmod($this->_configFile, 0400);
+ }
+ }
+
+}
+
+?>
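Review bot: In `_storeKeys` the key file is written by `saveToFile` before the restrictive mode is applied, so on first creation it carries the process's default permissions until `chmod($this->_configFile, 0400)` runs, and neither `chmod` result is checked (the first is silenced with `@`). The write is also done in place, so a request running `_restoreKeys` at the same moment may see a partial file. I would write to a temporary file that is owner-only from creation and rename it over the target, as sketched below; the exception type there is a stand-in for whatever the project normally throws. In `_restoreKeys`, the empty `catch (TIOException $e) {}` means an unreadable file silently leads to new keys being generated by the getters, and the property name is built from the `for` attribute without checking it is `encryption` or `validation`; both deserve at least a log line and an allowlist check. The class declaration and the start of the first method are missing from the extracted hunk, so this covers only the visible methods.

```php
// … unchanged: $xml built with the two <key> elements …
// tempnam() creates the file owner-only (0600), so the keys are never
// on disk with wider permissions, and rename() swaps it in atomically.
$tmpFile = tempnam(dirname($this->_configFile), 'keys');
if ($tmpFile === false) {
    throw new RuntimeException('Cannot create temporary key file');
}
$xml->saveToFile($tmpFile);
if (!chmod($tmpFile, 0400) || !rename($tmpFile, $this->_configFile)) {
    @unlink($tmpFile);
    throw new RuntimeException('Cannot persist security keys');
}
```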
diff --git a/app/frontend/user/config.xml b/app/frontend/user/config.xml index 103b007..a815ed6 100644 --- a/app/frontend/user/config.xml +++ b/app/frontend/user/config.xml @@ -6,5 +6,7 @@ AllowAutoLogin="true" /> + -- cgit v1.2.3