PHP Class Webiny\Component\Security\Token\Storage\Stateless

It does not store the token anywhere, to make it stateless. All the necessary data to authorize the bearer is encrypted in the token itself.
Inheritance: extends Webiny\Component\Security\Token\AbstractTokenStorage, use trait Webiny\Component\Http\HttpTrait
Show file Open project: Webiny/Framework

Public Methods

Method Description
decryptUserData ( string $tokenData ) : TokenData | boolean Decrypts the provided $tokenData, unserializes the string, creates an instance of TokenData and validates it.
deleteUserToken ( ) : boolean Deletes the current auth token.
encryptUserData ( AbstractUser $user ) : string Stores user data into an array, encrypts it and returns the encrypted string.
getEncryptionKey ( ) : string Uses the current key, user session id and browser user agent, to form a new key.
getTokenString ( ) : string Get token string representation
loadUserFromToken ( ) : boolean | AbstractUser Check if auth token is present, if true, try to load the right user and return it's username.
saveUserToken ( AbstractUser $user ) : boolean Save user authentication token.
setTokenString ( string $token ) Save the provided token string into the token storage.

Method Details

decryptUserData() public method

If TokenData is valid, its instance is returned, otherwise false is returned.
public decryptUserData ( string $tokenData ) : TokenData | boolean
$tokenData string Encrypted data.
return Webiny\Component\Security\Token\TokenData | boolean

deleteUserToken() public method

Deletes the current auth token.
public deleteUserToken ( ) : boolean
return boolean

encryptUserData() public method

Stores user data into an array, encrypts it and returns the encrypted string.
public encryptUserData ( AbstractUser $user ) : string
$user Webiny\Component\Security\User\AbstractUser Instance of AbstractUser class that holds the pre-filled object from user provider.
return string

getEncryptionKey() public method

The new key is then unique to that user, and is used for encryption/decryption process.
public getEncryptionKey ( ) : string
return string

getTokenString() public method

Get token string representation
public getTokenString ( ) : string
return string

loadUserFromToken() public method

Check if auth token is present, if true, try to load the right user and return it's username.
public loadUserFromToken ( ) : boolean | AbstractUser
return boolean | Webiny\Component\Security\User\AbstractUser False it user token is not available, otherwise the AbstractUser object is returned.

saveUserToken() public method

Save user authentication token.
public saveUserToken ( AbstractUser $user ) : boolean
$user Webiny\Component\Security\User\AbstractUser Instance of AbstractUser class that holds the pre-filled object from user provider.
return boolean

setTokenString() public method

Save the provided token string into the token storage.
public setTokenString ( string $token )
$token string Token string to save.