Home Explore Help
Sign In
SMusatov
/
koseven
mirror of https://github.com/koseven/koseven.git
1
0
Fork 0
Files
Branch: security/jquery-vulnerable
Branches Tags
koseven
/
modules
/
orm
/
classes
/
Model
/
Auth
/
User
/
Token.php

Token.php 1.3 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Default auth user toke
    4. 

  4.  *
    5. 

  5.  * @package    Kohana/Auth
    6. 

  6.  * @author     Kohana Team
    7. 

  7.  * @copyright  (c) Kohana Team
    8. 

  8.  * @license    https://koseven.ga/LICENSE.md
    9. 

  9.  */
    10. 

  10. class Model_Auth_User_Token extends ORM {
    11. 

  11. 

  12. 	// Relationships
    13. 

  13. 	protected $_belongs_to = [
    14. 

  14. 		'user' => ['model' => 'User']
    15. 

  15. 	];
    16. 

  16. 	
    17. 

  17. 	protected $_created_column = [
    18. 

  18. 		'column' => 'created',
    19. 

  19. 		'format' => TRUE
    20. 

  20. 	];
    21. 

  21. 

  22. 	/**
    23. 

  23. 	 * Handles garbage collection and deleting of expired objects.
    24. 

  24. 	 *
    25. 

  25. 	 * @return  void
    26. 

  26. 	 */
    27. 

  27. 	public function __construct($id = NULL)
    28. 

  28. 	{
    29. 

  29. 		parent::__construct($id);
    30. 

  30. 

  31. 		if (random_int(1, 100) === 1)
    32. 

  32. 		{
    33. 

  33. 			// Do garbage collection
    34. 

  34. 			$this->delete_expired();
    35. 

  35. 		}
    36. 

  36. 

  37. 		if ($this->expires < time() AND $this->_loaded)
    38. 

  38. 		{
    39. 

  39. 			// This object has expired
    40. 

  40. 			$this->delete();
    41. 

  41. 		}
    42. 

  42. 	}
    43. 

  43. 

  44. 	/**
    45. 

  45. 	 * Deletes all expired tokens.
    46. 

  46. 	 *
    47. 

  47. 	 * @return  ORM
    48. 

  48. 	 */
    49. 

  49. 	public function delete_expired()
    50. 

  50. 	{
    51. 

  51. 		// Delete all expired tokens
    52. 

  52. 		DB::delete($this->_table_name)
    53. 

  53. 			->where('expires', '<', time())
    54. 

  54. 			->execute($this->_db);
    55. 

  55. 

  56. 		return $this;
    57. 

  57. 	}
    58. 

  58. 

  59. 	public function create(Validation $validation = NULL)
    60. 

  60. 	{
    61. 

  61. 		$this->token = $this->create_token();
    62. 

  62. 

  63. 		return parent::create($validation);
    64. 

  64. 	}
    65. 

  65. 

  66. 	protected function create_token()
    67. 

  67. 	{
    68. 

  68. 		do
    69. 

  69. 		{
    70. 

  70. 			$token = sha1(uniqid(Text::random('alnum', 32), TRUE));
    71. 

  71. 		}
    72. 

  72. 		while (ORM::factory('User_Token', ['token' => $token])->loaded());
    73. 

  73. 

  74. 		return $token;
    75. 

  75. 	}
    76. 

  76. 

  77. } // End Auth User Token Model
    78.