Class Phalcon\Security

implements Phalcon\DI\InjectionAwareInterface

This component provides a set of functions to improve the security in Phalcon applications

$login = $this->request->getPost('login');
$password = $this->request->getPost('password');

$user = Users::findFirstByLogin($login);
if ($user) {
    if ($this->security->checkHash($password, $user->password)) {
            //The password is valid
    }
}

Constants

integer CRYPT_DEFAULT

integer CRYPT_STD_DES

integer CRYPT_EXT_DES

integer CRYPT_MD5

integer CRYPT_BLOWFISH

integer CRYPT_BLOWFISH_X

integer CRYPT_BLOWFISH_Y

integer CRYPT_SHA256

integer CRYPT_SHA512

Methods

public setDI (Phalcon\DiInterface $dependencyInjector)

Sets the dependency injector

public Phalcon\DiInterface getDI ()

Returns the internal dependency injector

public setRandomBytes (string $randomBytes)

Sets a number of bytes to be generated by the openssl pseudo random generator

public string getRandomBytes ()

Returns a number of bytes to be generated by the openssl pseudo random generator

public setWorkFactor (int $workFactor)

Sets the default working factor for bcrypts password’s salts

public int getWorkFactor ()

Returns the default working factor for bcrypts password’s salts

public string getSaltBytes ()

Generate a >22-length pseudo random string to be used as salt for passwords

public string hash (string $password, [int $workFactor])

Creates a password hash using bcrypt with a pseudo random salt

public boolean checkHash (string $password, string $passwordHash, [int $maxPasswordLength])

Checks a plain text password and its hash version to check if the password matches

public boolean isLegacyHash (string $passwordHash)

Checks if a password hash is a valid bcrypt’s hash

public string getTokenKey ([int $numberBytes])

Generates a pseudo random token key to be used as input’s name in a CSRF check

public string getToken ([int $numberBytes])

Generates a pseudo random token value to be used as input’s value in a CSRF check

public boolean checkToken ([string $tokenKey], [string $tokenValue])

Check if the CSRF token sent in the request is the same that the current in session

public string getSessionToken ()

Returns the value of the CSRF token in session

public static computeHmac (unknown $data, unknown $key, unknown $algo, [unknown $raw])

string \Phalcon\Security::computeHmac(string $data, string $key, string $algo, bool $raw = false)

public static string The derived key deriveKey (unknown $password, unknown $salt, [unknown $hash], [unknown $iterations], [unknown $size])

Derives a key from the given password (PBKDF2).

public static pbkdf2 (unknown $password, unknown $salt, [unknown $hash], [unknown $iterations], [unknown $size])

public getDefaultHash ()

Returns the default hash

public setDefaultHash (unknown $hash)

Sets the default hash