$id, 'secret' => $secret, ])); } /** * Decode Session. * * @param string $session * * @return array * * @throws \Exception */ public static function decodeSession($session) { $session = \json_decode(\base64_decode($session), true); $default = ['id' => null, 'secret' => '']; if (!\is_array($session)) { return $default; } return \array_merge($default, $session); } /** * Encode. * * One-way encryption * * @param $string * * @return string */ public static function hash(string $string) { return \hash('sha256', $string); } /** * Password Hash. * * One way string hashing for user passwords * * @param $string * * @return bool|string|null */ public static function passwordHash($string) { return \password_hash($string, PASSWORD_BCRYPT, array('cost' => 8)); } /** * Password verify. * * @param $plain * @param $hash * * @return bool */ public static function passwordVerify($plain, $hash) { return \password_verify($plain, $hash); } /** * Password Generator. * * Generate random password string * * @param int $length * * @return string * * @throws \Exception */ public static function passwordGenerator(int $length = 20):string { return \bin2hex(\random_bytes($length)); } /** * Token Generator. * * Generate random password string * * @param int $length * * @return string * * @throws \Exception */ public static function tokenGenerator(int $length = 128):string { return \bin2hex(\random_bytes($length)); } /** * Verify token and check that its not expired. * * @param array $tokens * @param int $type * @param string $secret * * @return bool|string */ public static function tokenVerify(array $tokens, int $type, string $secret) { foreach ($tokens as $token) { /** @var Document $token */ if ($token->isSet('type') && $token->isSet('secret') && $token->isSet('expire') && $token->getAttribute('type') == $type && $token->getAttribute('secret') === self::hash($secret) && $token->getAttribute('expire') >= \time()) { return (string)$token->getId(); } } return false; } }