refactoring routing and class comments.
This commit is contained in:
Taylor Otwell
@@ -100,13 +100,14 @@ class Auth {
|
||||
/**
|
||||
* Attempt to log a user into the application.
|
||||
*
|
||||
* If the given credentials are valid, the user will be logged into the application
|
||||
* and their user ID will be stored in the session via the "login" method.
|
||||
* If the given credentials are valid, the user will be logged into
|
||||
* the application and their user ID will be stored in the session
|
||||
* via the "login" method.
|
||||
*
|
||||
* The user may also be "remembered". When this option is set, the user will be
|
||||
* automatically logged into the application for one year via an encrypted cookie
|
||||
* containing their ID. Of course, if the user logs out of the application,
|
||||
* they will no longer be remembered.
|
||||
* The user may also be "remembered". When this option is set, the user
|
||||
* will be automatically logged into the application for one year via
|
||||
* an encrypted cookie containing their ID. Of course, if the user logs
|
||||
* out of the application, they will no longer be remembered.
|
||||
*
|
||||
* @param string $username
|
||||
* @param string $password
|
||||
@@ -130,8 +131,6 @@ class Auth {
|
||||
/**
|
||||
* Log a user into the application.
|
||||
*
|
||||
* The user ID will be stored in the session so it is available on subsequent requests.
|
||||
*
|
||||
* @param object $user
|
||||
* @param bool $remember
|
||||
* @return void
|
||||
@@ -156,9 +155,10 @@ class Auth {
|
||||
{
|
||||
$cookie = Crypter::encrypt($id.'|'.$username.'|'.Str::random(40));
|
||||
|
||||
// This method assumes the "remember me" cookie should have the same configuration
|
||||
// as the session cookie. Since this cookie, like the session cookie, should be
|
||||
// kept very secure, it's probably safe to assume the settings are the same.
|
||||
// This method assumes the "remember me" cookie should have the
|
||||
// same configuration as the session cookie. Since this cookie,
|
||||
// like the session cookie, should be kept very secure, it's
|
||||
// probably safe to assume the settings are the same.
|
||||
$config = Config::get('session');
|
||||
|
||||
Cookie::forever(Auth::remember_key, $cookie, $config['path'], $config['domain'], $config['secure']);
|
||||
@@ -167,9 +167,9 @@ class Auth {
|
||||
/**
|
||||
* Log the current user out of the application.
|
||||
*
|
||||
* The "logout" closure in the authenciation configuration file will be called.
|
||||
* All authentication cookies will be deleted and the user ID will be removed
|
||||
* from the session.
|
||||
* The "logout" closure in the authenciation configuration file
|
||||
* will be called. All authentication cookies will be deleted
|
||||
* and the user ID will be removed from the session.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
|
||||
@@ -24,8 +24,9 @@ class Crypter {
|
||||
/**
|
||||
* Encrypt a string using Mcrypt.
|
||||
*
|
||||
* The string will be encrypted using the cipher and mode specified when the crypter
|
||||
* instance was created, and the final result will be base64 encoded.
|
||||
* The string will be encrypted using the cipher and mode specified
|
||||
* when the crypter instance was created, and the final result will
|
||||
* be base64 encoded.
|
||||
*
|
||||
* <code>
|
||||
* // Encrypt a string using the Mcrypt PHP extension
|
||||
@@ -70,8 +71,9 @@ class Crypter {
|
||||
*/
|
||||
public static function decrypt($value)
|
||||
{
|
||||
// Since all encrypted strings generated by this class are base64 encoded, we will
|
||||
// first attempt to base64 decode the string. If we can't do it, we'll bail out.
|
||||
// Since all encrypted strings generated by this class are base64
|
||||
// encoded, we will first attempt to base64 decode the string.
|
||||
// If we can't do it, we'll bail out.
|
||||
if ( ! is_string($value = base64_decode($value, true)))
|
||||
{
|
||||
throw new \Exception('Decryption error. Input value is not valid base64 data.');
|
||||
|
||||
@@ -5,10 +5,10 @@ class Hasher {
|
||||
/**
|
||||
* Hash a password using the Bcrypt hashing scheme.
|
||||
*
|
||||
* Bcrypt provides a future-proof hashing algorithm by allowing the number of "rounds"
|
||||
* to be increased, thus increasing the time is takes to generate the hashed value.
|
||||
* The longer is takes to generate the hash, the more impractical a rainbow table
|
||||
* attack against the hashes becomes.
|
||||
* Bcrypt provides a future-proof hashing algorithm by allowing the number
|
||||
* of "rounds" to be increased, thus increasing the time is takes to generate
|
||||
* the hashed value. The longer is takes to generate the hash, the more
|
||||
* impractical a rainbow table attack against the hashes becomes.
|
||||
*
|
||||
* <code>
|
||||
* // Create a Bcrypt hash of a value
|
||||
@@ -30,9 +30,6 @@ class Hasher {
|
||||
/**
|
||||
* Determine if an unhashed value matches a given Bcrypt hash.
|
||||
*
|
||||
* Since the number of rounds is included in the Bcrypt hash, it is not
|
||||
* necessary to specify the rounds when calling this method.
|
||||
*
|
||||
* @param string $value
|
||||
* @param string $hash
|
||||
* @return bool
|
||||
|
||||
Reference in New Issue
Block a user