2017 © Pedro Peláez
 

library url-auth

Generate a url with an expiration date and signature to prevent unauthorized access

image

abovesky/url-auth

Generate a url with an expiration date and signature to prevent unauthorized access

  • Friday, October 20, 2017
  • by abovesky
  • Repository
  • 1 Watchers
  • 0 Stars
  • 3 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 5 Versions
  • 0 % Grown

The README.md

Create secured URLs with a limited lifetime

This package can create URLs with a limited lifetime. This is done by adding an expiration date and a signature to the URL., (*1)

$urlAuth = new Md5('randomkey');

$urlAuth->sign('https://myapp.com', 30, 'days');

// => The generated url will be valid for 30 days

This will output an URL that looks like https://myapp.com/?expires=xxxx&signature=xxxx., (*2)

Imagine mailing this URL out to the users of your application. When a user clicks on a signed URL your application can validate it with:, (*3)

$urlAuth->validate('https://myapp.com/?expires=xxxx&signature=xxxx');

Installation

The package can installed via Composer:, (*4)

composer require abovesky/url-auth

Usage

A signer-object can sign URLs and validate signed URLs. A secret key is used to generate signatures., (*5)

use abovesky\UrlAuth\Md5;

$urlAuth = new Md5('mysecretkey');

Generating URLs

Signed URLs can be generated by providing a regular URL and an expiration date to the sign method., (*6)

$expirationDate = (new DateTime)->modify('10 days');

$urlAuth->sign('https://myapp.com', $expirationDate);

// => The generated url will be valid for 10 days

If an integer is provided as expiration date, the url will be valid for that amount of days., (*7)

$urlAuth->sign('https://myapp.com', 30, 'days');

// => The generated url will be valid for 30 days

Validating URLs

To validate a signed URL, simply call the validate() method. This will return a boolean., (*8)

$urlAuth->validate('https://myapp.com/?expires=1439223344&signature=2d42f65bd023362c6b61f7432705d811');

// => true

$urlAuth->validate('https://myapp.com/?expires=1439223344&signature=2d42f65bd0-INVALID-23362c6b61f7432705d811');

// => false

Writing custom signers

This packages provides a signer that uses md5 to generate signature. You can create your own signer by implementing the abovesky\UrlAuth\iUrlAuth-interface. If you let your signer extend abovesky\UrlAuth\Base you'll only need to provide the createSignature-method., (*9)

Tests

The tests can be run with:, (*10)

$ vendor/bin/phpspec run

License

The MIT License (MIT). Please see License File for more information., (*11)

The Versions

20/10 2017

dev-master

9999999-dev https://github.com/abovesky/url-auth

Generate a url with an expiration date and signature to prevent unauthorized access

  Sources   Download

MIT

The Requires

 

by Avatar abovesky

url security encryption sign

20/10 2017

v1.0.3

1.0.3.0 https://github.com/abovesky/url-auth

Generate a url with an expiration date and signature to prevent unauthorized access

  Sources   Download

MIT

The Requires

 

by Avatar abovesky

url security encryption sign

18/10 2017

v1.0.2

1.0.2.0 https://github.com/abovesky/url-auth

Generate a url with an expiration date and signature to prevent unauthorized access

  Sources   Download

MIT

The Requires

 

by Avatar abovesky

url security encryption sign

18/10 2017

v1.0.1

1.0.1.0 https://github.com/abovesky/url-auth

Generate a url with an expiration date and signature to prevent unauthorized access

  Sources   Download

MIT

The Requires

 

by Avatar abovesky

url security encryption sign

18/10 2017

v1.0.0

1.0.0.0 https://github.com/abovesky/url-auth

Generate a url with an expiration date and signature to prevent unauthorized access

  Sources   Download

MIT

The Requires

 

The Development Requires

by Avatar abovesky

url security encryption sign