cakephp-tokens

CakePHP plugin for generating various (secure) tokens.

Requirements

• CakePHP 3.+

PHP 5.x users are strongly advised to install the paragonie/random_compat polyfill composer package to ensure generated tokens are truly secure.

Installation

1. Install the plugin using composer:

   composer require alt3/cakephp-tokens:1.0.x-dev

2. To enable the plugin either run the following command:

   bin/cake plugin load Alt3/CakeTokens

   or manually add the following line to your config/bootstrap.php file:

   Plugin::load('Alt3/CakeTokens');

3. Create the required table used to store the tokens by running:

   bin/cake migrations migrate --plugin Alt3/CakeTokens

Usage

Inside your controller:

use Alt3\Tokens\RandomBytesToken

public function test() {

  // create a token object
  $token = new RandomBytesToken();
  $token->setCategory('password-reset');
  $token->setLifetime('+1 week');

  // save the token object
  $table = TableRegistry::get('Alt3/CakeTokens.Tokens');
  $entity = $table->newEntity($token->toArray());

  if ($table->save($entity)) {
    pr('Successfully saved token with id ' . $entity->id);
  }
}

Visit alt3/tokens for more information about creating the token object and creating your own token-specific Adapters.

Methods

The TokensTable comes with the following methods:

• setStatus($id, $status): set the status for token with id
• deleteAllExpired(): deletes all tokens that have expires
• deleteAllWithStatus($status): deletes all tokens matching given status

Custom Finders

The TokensTable comes with the following custom finders:

• findValidToken: true when given token value (must be passed)exists, has status 0 and has not expired
• findAllActive: returns all tokens with status 0

Contribute

Before submitting a PR make sure:

• PHPUnit tests pass (composer run-script tests)
• PSR-2 Code Sniffer tests pass (composer run-script cs)
• Coveralls Code Coverage remains at 100%