This commit is contained in:
10
common.php
10
common.php
@ -153,6 +153,10 @@ function hkdf_session_key_from_token(string $tokenHex, string $info = 'qdb-aes',
|
||||
|
||||
// --- Token-Storage (DB-backed via session table) ---
|
||||
|
||||
function token_storage_key(string $token): string {
|
||||
return hash('sha256', $token);
|
||||
}
|
||||
|
||||
function token_add(string $token, int $ttlSeconds = 86400, array $extra = []): void {
|
||||
require_once __DIR__ . '/db_init.php';
|
||||
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
||||
@ -161,7 +165,7 @@ function token_add(string $token, int $ttlSeconds = 86400, array $extra = []): v
|
||||
"INSERT INTO session (token, userID, role, entityID, createdAt, expiresAt, temp)
|
||||
VALUES (:t, :uid, :role, :eid, :ca, :ea, :tmp)"
|
||||
)->execute([
|
||||
':t' => $token,
|
||||
':t' => token_storage_key($token),
|
||||
':uid' => $extra['userID'] ?? '',
|
||||
':role' => $extra['role'] ?? '',
|
||||
':eid' => $extra['entityID'] ?? '',
|
||||
@ -178,7 +182,7 @@ function token_get_record(string $token): ?array {
|
||||
require_once __DIR__ . '/db_init.php';
|
||||
[$pdo, $tmpDb, $lockFp] = qdb_open(false);
|
||||
$stmt = $pdo->prepare("SELECT * FROM session WHERE token = :t AND expiresAt >= :now");
|
||||
$stmt->execute([':t' => $token, ':now' => time()]);
|
||||
$stmt->execute([':t' => token_storage_key($token), ':now' => time()]);
|
||||
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
qdb_discard($tmpDb, $lockFp);
|
||||
if (!$row) return null;
|
||||
@ -197,7 +201,7 @@ function token_get_record(string $token): ?array {
|
||||
function token_revoke(string $token): void {
|
||||
require_once __DIR__ . '/db_init.php';
|
||||
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
||||
$pdo->prepare("DELETE FROM session WHERE token = :t")->execute([':t' => $token]);
|
||||
$pdo->prepare("DELETE FROM session WHERE token = :t")->execute([':t' => token_storage_key($token)]);
|
||||
qdb_save($tmpDb, $lockFp);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user