/usr/include/Wt/Auth/Token is in libwt-dev 3.3.3+dfsg-4.1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 | // This may look like C code, but it's really -*- C++ -*-
/*
* Copyright (C) 2011 Emweb bvba, Kessel-Lo, Belgium.
*
* See the LICENSE file for terms of use.
*/
#ifndef WT_AUTH_TOKEN_H_
#define WT_AUTH_TOKEN_H_
#include <Wt/WDateTime>
namespace Wt {
namespace Auth {
/*! \class Token Wt/Auth/Token
* \brief An authentication token hash.
*
* An authentication token is a surrogate for identification or
* authentication. When a random authentication token is generated,
* \if cpp
* e.g. using WRandom::generateId()
* \endif
* it is a good practice to hash it
* using a cryptographic hash function, and only save this hash in the
* session or database for later verification. This avoids that a
* compromised database would leak all the authentication tokens.
*
* \sa User::addAuthToken()
* \sa User::setEmailToken()
*
* \ingroup auth
*/
class WT_API Token
{
public:
/*! \brief Default constructor.
*
* Creates an empty token.
*/
Token();
/*! \brief Constructor.
*/
Token(const std::string& hash, const WDateTime& expirationTime);
/*! \brief Returns whether the token is empty.
*
* An empty token is default constructed.
*/
bool empty() const { return hash_.empty(); }
/*! \brief Returns the hash.
*/
const std::string& hash() const { return hash_; }
/*! \brief Returns the expiration time.
*/
const WDateTime& expirationTime() const { return expirationTime_; }
private:
std::string hash_;
WDateTime expirationTime_;
};
}
}
#endif // WT_AUTH_TOKEN_H_
|