Table Of ContentsPrevious topic< Final class Phalcon\Registry Next topicClass Phalcon\Security\Exception > This Page |
Class Phalcon\Security¶implements Phalcon\Di\InjectionAwareInterface This component provides a set of functions to improve the security in Phalcon applications <?php
$login = $this->request->getPost('login');
$password = $this->request->getPost('password');
$user = Users::findFirstByLogin($login);
if ($user) {
if ($this->security->checkHash($password, $user->password)) {
//The password is valid
}
}
Methods¶public setWorkFactor (unknown $workFactor) ... public getWorkFactor () ... public setDI (Phalcon\DiInterface $dependencyInjector) Sets the dependency injector public Phalcon\DiInterface getDI () Returns the internal dependency injector public setRandomBytes (unknown $randomBytes) Sets a number of bytes to be generated by the openssl pseudo random generator public string getRandomBytes () Returns a number of bytes to be generated by the openssl pseudo random generator public string getSaltBytes () Generate a >22-length pseudo random string to be used as salt for passwords public string hash (unknown $password, [unknown $workFactor]) Creates a password hash using bcrypt with a pseudo random salt public boolean checkHash (unknown $password, unknown $passwordHash, [unknown $maxPassLength]) Checks a plain text password and its hash version to check if the password matches public boolean isLegacyHash (unknown $password, unknown $passwordHash) Checks if a password hash is a valid bcrypt’s hash public string getTokenKey ([unknown $numberBytes]) Generates a pseudo random token key to be used as input’s name in a CSRF check public string getToken ([unknown $numberBytes]) Generates a pseudo random token value to be used as input’s value in a CSRF check public boolean checkToken ([unknown $tokenKey], [unknown $tokenValue]) Check if the CSRF token sent in the request is the same that the current in session public string getSessionToken () Returns the value of the CSRF token in session public computeHmac (unknown $data, unknown $key, unknown $algo, [unknown $raw]) string \Phalcon\Security::computeHmac(string $data, string $key, string $algo, bool $raw = false) |