Table Of ContentsPrevious topic< Class Phalcon\Queue\Beanstalk\Job Next topicClass Phalcon\Security\Exception > This Page |
Class Phalcon\Security¶implements Phalcon\DI\InjectionAwareInterface This component provides a set of functions to improve the security in Phalcon applications <?php
$login = $this->request->getPost('login');
$password = $this->request->getPost('password');
$user = Users::findFirstByLogin($login);
if ($user) {
if ($this->security->checkHash($password, $user->password)) {
//The password is valid
}
}
Methods¶public setDI (Phalcon\DiInterface $dependencyInjector) Sets the dependency injector public Phalcon\DiInterface getDI () Returns the internal dependency injector public setRandomBytes (string $randomBytes) Sets a number of bytes to be generated by the openssl pseudo random generator public string getRandomBytes () Returns a number of bytes to be generated by the openssl pseudo random generator public setWorkFactor (int $workFactor) Sets the default working factor for bcrypts password’s salts public int getWorkFactor () Returns the default working factor for bcrypts password’s salts public string getSaltBytes () Generate a >22-length pseudo random string to be used as salt for passwords public string hash (string $password, [int $workFactor]) Creates a password hash using bcrypt with a pseudo random salt public boolean checkHash (string $password, string $passwordHash) Checks a plain text password and its hash version to check if the password matches public boolean isLegacyHash (string $passwordHash) Checks if a password hash is a valid bcrypt’s hash public string getTokenKey ([int $numberBytes]) Generates a pseudo random token key to be used as input’s name in a CSRF check public string getToken ([int $numberBytes]) Generates a pseudo random token value to be used as input’s value in a CSRF check public boolean checkToken ([string $tokenKey], [string $tokenValue]) Check if the CSRF token sent in the request is the same that the current in session public string getSessionToken () Returns the value of the CSRF token in session |