Added token generation method, and make it check the database to enfo…

…rce unique tokens. Fixes #3295
kohana · Jan 20, 2011 · 9720af8 · biakaveron · Mar 29, 2011 · 9720af8
1 parent 1d70bde
commit 9720af8
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 4 deletions.
diff --git a/auth-schema-mysql.sql b/auth-schema-mysql.sql
@@ -32,7 +32,8 @@ CREATE TABLE IF NOT EXISTS `user_tokens` (
   `id` int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
   `user_id` int(11) UNSIGNED NOT NULL,
   `user_agent` varchar(40) NOT NULL,
-  `token` varchar(32) NOT NULL,
+  `token` varchar(40) NOT NULL,
+  `type` varchar(100) NOT NULL,
   `created` int(10) UNSIGNED NOT NULL,
   `expires` int(10) UNSIGNED NOT NULL,
   PRIMARY KEY  (`id`),

diff --git a/classes/model/auth/user/token.php b/classes/model/auth/user/token.php
@@ -21,9 +21,6 @@ public function __construct($id = NULL)
 	{
 		parent::__construct($id);
 
-		// Set the now, we use this a lot
-		$this->_now = time();
-
 		if (mt_rand(1, 100) === 1)
 		{
 			// Do garbage collection
@@ -52,4 +49,22 @@ public function delete_expired()
 		return $this;
 	}
 
+	public function create(Validation $validation = NULL)
+	{
+		$this->token = $this->create_token();
+
+		return parent::create($validation);
+	}
+
+	protected function create_token()
+	{
+		do
+		{
+			$token = sha1(uniqid(Text::random('alnum', 32), TRUE));
+		}
+		while(ORM::factory('user_token', array('token' => $token))->loaded());
+
+		return $token;
+	}
+
 } // End Auth User Token Model