Class Phalcon\Security¶

This component provides a set of functions to improve the security in Phalcon applications

Methods¶

public setDI (Phalcon\DiInterface $dependencyInjector)

Sets the dependency injector

Returns the internal dependency injector

public setRandomBytes (string $randomBytes)

Sets a number of bytes to be generated by the openssl pseudo random generator

public string getRandomBytes ()

Returns a number of bytes to be generated by the openssl pseudo random generator

public setWorkFactor (int $workFactor)

Sets the default working factor for bcrypts password’s salts

public int getWorkFactor ()

Returns the default working factor for bcrypts password’s salts

public string getSaltBytes ()

Generate a >22-length pseudo random string to be used as salt for passwords

public string hash (string $password, [int $workFactor])

Creates a password hash using bcrypt with a pseudo random salt

public boolean checkHash (string $password, string $passwordHash)

Checks a plain text password and its hash version to check if the password matches

public boolean isLegacyHash (string $passwordHash)

Checks a plain text password and its hash version to check if the password matches

public string getTokenKey ([int $numberBytes])

Generates a pseudo random token key to be used as input’s name in a CSRF check

public string getToken ([int $numberBytes])

Generates a pseudo random token value to be used as input’s value in a CSRF check

public boolean checkToken ([string $tokenKey], [string $tokenValue])

Check if the CSRF token sent in the request is the same that the current in session

public string getSessionToken ()

Returns the value of the CSRF token in session