/usr/share/php/kohana2/modules/auth/models/auth_user_token.php is in libkohana2-modules-php 2.3.4-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 | <?php defined('SYSPATH') OR die('No direct access allowed.');
class Auth_User_Token_Model extends ORM {
// Relationships
protected $belongs_to = array('user');
// Current timestamp
protected $now;
/**
* Handles garbage collection and deleting of expired objects.
*/
public function __construct($id = NULL)
{
parent::__construct($id);
// Set the now, we use this a lot
$this->now = time();
if (mt_rand(1, 100) === 1)
{
// Do garbage collection
$this->delete_expired();
}
if ($this->expires < $this->now)
{
// This object has expired
$this->delete();
}
}
/**
* Overload saving to set the created time and to create a new token
* when the object is saved.
*/
public function save()
{
if ($this->loaded === FALSE)
{
// Set the created time, token, and hash of the user agent
$this->created = $this->now;
$this->user_agent = sha1(Kohana::$user_agent);
}
// Create a new token each time the token is saved
$this->token = $this->create_token();
return parent::save();
}
/**
* Deletes all expired tokens.
*
* @return void
*/
public function delete_expired()
{
// Delete all expired tokens
$this->db->where('expires <', $this->now)->delete($this->table_name);
return $this;
}
/**
* Finds a new unique token, using a loop to make sure that the token does
* not already exist in the database. This could potentially become an
* infinite loop, but the chances of that happening are very unlikely.
*
* @return string
*/
protected function create_token()
{
while (TRUE)
{
// Create a random token
$token = text::random('alnum', 32);
// Make sure the token does not already exist
if ($this->db->select('id')->where('token', $token)->get($this->table_name)->count() === 0)
{
// A unique token has been found
return $token;
}
}
}
/**
* Allows loading by token string.
*/
public function unique_key($id)
{
if ( ! empty($id) AND is_string($id) AND ! ctype_digit($id))
{
return 'token';
}
return parent::unique_key($id);
}
} // End Auth User Token Model
|