2022-09-13 13:14:49 +00:00
|
|
|
<?php
|
|
|
|
|
namespace Misuzu;
|
|
|
|
|
|
2023-07-11 22:13:56 +00:00
|
|
|
use Index\Security\CSRFP;
|
2022-09-13 13:14:49 +00:00
|
|
|
|
|
|
|
|
final class CSRF {
|
2023-07-11 22:13:56 +00:00
|
|
|
private static CSRFP $instance;
|
2022-09-13 13:14:49 +00:00
|
|
|
|
2023-07-11 22:13:56 +00:00
|
|
|
public static function init(string $secretKey, string $identity): void {
|
|
|
|
|
self::$instance = new CSRFP($secretKey, $identity);
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
|
2023-07-11 22:13:56 +00:00
|
|
|
public static function validate(string $token, int $tolerance = -1): bool {
|
|
|
|
|
return self::$instance->verifyToken($token, $tolerance);
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
|
2023-07-11 22:13:56 +00:00
|
|
|
public static function token(): string {
|
|
|
|
|
return self::$instance->createToken();
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
|
2023-07-11 22:13:56 +00:00
|
|
|
public static function validateRequest(int $tolerance = -1): bool {
|
2023-07-12 19:14:40 +00:00
|
|
|
$token = (string)filter_input(INPUT_POST, '_csrf');
|
2023-07-11 20:51:24 +00:00
|
|
|
if(empty($token))
|
2023-07-12 19:14:40 +00:00
|
|
|
$token = (string)filter_input(INPUT_GET, 'csrf');
|
2022-09-13 13:14:49 +00:00
|
|
|
|
2023-07-11 22:13:56 +00:00
|
|
|
return self::$instance->verifyToken($token, $tolerance);
|
2022-09-13 13:14:49 +00:00
|
|
|
}
|
|
|
|
|
}
|
