通过
搜索
搜索coercive / 认证
Coercive 认证安全
1.1.6
2021-10-12 16:33 UTC
Requires
- php: >=7.4
- ext-json: *
README
使用 PHP 密码散列系统。
获取
composer require coercive/authentication
用法
use Coercive\Security\Authentication\Authentication; $auth = new Authentication; # EXAMPLE PASS $password = '1234hello_world'; # HASH $hash = $auth->hash($password); # VERIFY if($auth->verify($password, $hash)) { # Access granted } else { # Access denied } # NEED UPDATE REHASH ? if($auth->needsRehash($hash)) { # Do something }
去抖动
您可以对误输入的密码进行去抖动,以防止暴力攻击。去抖动是随机的,以掩盖踪迹。
# Set your min/max randow debounce $auth->debounce(500, 1500); # VERIFY if($auth->verify($password, $hash)) { # Access granted } else { # Access denied # In this case you will wait for 500-1500 milliseconds }
速率限制
您可以在给定时间段内统计任何元素(连接、访问、API 调用等)的通过次数,并决定是否允许通过。
默认设置中,在进入下一步之前可以添加一个额外的超时(睡眠)时间。
use Coercive\Security\Authentication\RateLimit; $ip = $_SERVER['REMOTE_ADDR']; $dir = '/mycustomdirectory/ratelimit'; # Example for 200 requests by hours $ratelimit = new RateLimit($dir, 200, 3600); # Example of waiting duration (for isAllowed method) $ratelimit->debounce(5000000); # You can add a global IP or pass it to >set(...) >get(...) methods $ratelimit->setIp($ip); # Add passage to stack $ratelimit->set(); # Get current allowed passages quantity $ratelimit->get(); # Return true/false if current passage is allowed $allowed = $ratelimit->isAllowed(); echo $allowed ? 'Allowed' : 'Unallowed'; # When use isAllowed, you can also retrieve the last passages quantity $i = $ratelimit->lastNb(); if($i >= 180) { echo 'The maximum limit is soon reached.'; }
StopForumSpam
PHP 处理器使用 Stop Forum Spam API [https://www.stopforumspam.com].
您可以检查 IP、电子邮件或用户名是否出现在垃圾邮件列表中。
请在此处查看 API 用法 [https://www.stopforumspam.com/usage].
use Coercive\Security\Authentication\StopForumSpam; $sfspam = new StopForumSpam; try { # Check if the given email is in spamlist if($sfspam->checkEmail('example@email.com')) { # Do something } # Check if the given email (MD5 encode) is in spamlist if($sfspam->checkEmail('example@email.com', true)) { # Do something } # Check if the given IP is in spamlist if($sfspam->checkIp('1.1.1.1')) { # Do something } # Check if the given user name is in spamlist if($sfspam->checkUserName('John Doe')) { # Do something } } catch (Exception $e) { # The check can throw an exception when can't call API or API send failed status. }
您可以为检查后自动执行操作添加一些回调函数。
use Coercive\Security\Authentication\StopForumSpam; $sfspam = new StopForumSpam; # Global callback is used before each check $sfspam->setCallbackBefore(function ($type, $value) { # Do something... if($type === StopForumSpam::TYPE_EMAIL && $value === 'test@email.com') { echo 'hello world'; } # Return not-null => stop processing and force return boolean casted value of your return return true; return false; # No return or return null => continue processing return null; }); # Global callback is used after each check $sfspam->setCallbackAfter(function ($type, $status, $value) { echo $value; if($type === StopForumSpam::TYPE_EMAIL && $status) { exit; } # Return not-null => override api status and force return boolean casted value of your return return true; return false; # No return or return null => return api status return null; }); # You can override value when pass a parameter as a reference $sfspam->setCallbackBefore(function ($type, &$value) { $value = 'new value'; }); # You have also specific callback for each type $sfspam->setCallbackBeforeEmail(function ($email) {}); $sfspam->setCallbackAfterEmail(function ($status, $email) {}); $sfspam->setCallbackBeforeIp(function ($ip) {}); $sfspam->setCallbackAfterIp(function ($status, $ip) {}); $sfspam->setCallbackBeforeIp(function ($name) {}); $sfspam->setCallbackAfterUserName(function ($status, $name) {});