Download the PHP package jenryollivierre/laranonce without Composer
On this page you can find all versions of the php package jenryollivierre/laranonce. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download jenryollivierre/laranonce
More information about jenryollivierre/laranonce
Files in jenryollivierre/laranonce
Package laranonce
Short Description A nonce generator for your laravel application.
License MIT
Informations about the package laranonce
Laranonce
About
Laranonce is a nonce generator for your laravel application.
Installation
Install via composer command composer require jenryollivierre/laranonce
Configuration
Publish the package's configuration file to configure options before starting to use the package. Use artisan command php artisan vendor:publish --tag=laranonce-config
.
Configuration Options
-
enabled: Whether to enable the nonce functionality. If this is set to false, all nonce checks will pass as true wherever the check is done. This is particularly useful when testing your application to disable nonce checks. Defaults to true.
-
algorithm: The hashing algorithm to use while generating the nonce. Defaults to 'sha256'. See https://www.php.net/manual/en/function.hash-algos.php
-
lifetime: The time in seconds that the nonce will be valid for. Defaults to 900 seconds (15 minutes).
-
secret: The secret key to use in the nonce generation process. This should not be a public key. Ideally, you should reference this value from your .env file. Defaults to App_Key .env value.
-
driver: The driver to use for the nonce process. Available drivers are database and file. File driver is recommended as it's twice as fast as the database driver. Defaults to file.
-
table_name: The name of the table to create if the database driver is being used.
-
storage_disk: The storage disk to store the nonces on when using the file driver. The public disk should never be used! Defaults to local.
- storage_directory: A directory within the storage disk to store the nonces when using the file driver. Defaults to nonces.
How To Use
On your form input field, call the Laranonce\Facades\Nonce::generate()
method, which accepts one parameter, which is an identifier for the nonce. Try to make the name as unique as possible i.e Laranonce\Facades\Nonce::generate('submit_cart_paypal_payment');
Then on the backend, you check by using the Laranonce\Facades\Nonce::verify($name, $nonce) method, which accepts to parameters. The first parameter is the name of the nonce action, and the 2nd parameter is the nonce value that was submitted with the request:
Alias
In your application config/app.php file, you can setup an alias to use in your view files.
'Nonce' => Laranonce\Facades\Nonce::class,
Clean Up
In order for the package to be a true nonce package, data is stored either in the database or file storage depending on the driver chosen to use. To clean up these files, take advantage of laravel task scheduling. See Task Scheduling Docs.
You can call the php artisan nonce:prune command
which by defaults deletes all the expired nonces. You can supply the 'all' argument to delete all the nonces php artisan nonce:prune all
.
In your task scheduling: