37 lines
1.1 KiB
PHP
37 lines
1.1 KiB
PHP
<?php
|
|
namespace EEPROM\Auth;
|
|
|
|
use Index\Serialisation\UriBase64;
|
|
|
|
class NabuccoAuth implements IAuth {
|
|
private $secretKey = '';
|
|
|
|
public function __construct() {
|
|
global $cfg;
|
|
|
|
$this->secretKey = $cfg->getString('nabucco:secret');
|
|
}
|
|
|
|
public function getName(): string { return 'Nabucco'; }
|
|
|
|
public function hashToken(string $token): string {
|
|
return hash_hmac('md5', $token, $this->secretKey);
|
|
}
|
|
|
|
public function verifyToken(string $token): int {
|
|
$length = strlen($token);
|
|
if($length < 32 || $length > 100)
|
|
return -1;
|
|
$userHash = substr($token, 0, 32);
|
|
$packed = UriBase64::decode(substr($token, 32));
|
|
$realHash = $this->hashToken($packed);
|
|
if(!hash_equals($realHash, $userHash))
|
|
return -1;
|
|
$unpacked = unpack('NuserId/Ntime/CipWidth/a16ipAddr', $packed);
|
|
if(empty($unpacked['userId']) || empty($unpacked['time'])
|
|
|| $unpacked['time'] < strtotime('-1 month'))
|
|
return -1;
|
|
return intval($unpacked['userId']);
|
|
}
|
|
}
|