<?php |
|
|
|
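/**
 * @file
 * Issues and validates per-user access tokens for object datastreams.
 *
 * Tokens are stored in the islandora_authtokens table and are removed when
 * they are presented for validation.
 */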
|
|
|
/**
 * Maximum age of a token that islandora_validate_object_token() still accepts.
 *
 * The value is compared against differences of time(), so the unit is seconds:
 * 30000 seconds is roughly 8 hours 20 minutes.
 * NOTE(review): confirm this window is intended for a one-time token and is
 * not a value that was meant to be milliseconds.
 */
define('TOKEN_TIMEOUT', 30000);
|
|
|
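/**
 * Issues an access token for one datastream of one object to the current user.
 *
 * A token is only issued when the repository request for the datastream
 * content, made on behalf of the current user, does not throw. The token is
 * stored in the islandora_authtokens table together with the user id, the
 * object id, the datastream id and the issue time, which are the fields
 * islandora_validate_object_token() matches on.
 *
 * @param string $pid
 *   Identifier of the object.
 * @param string $dsid
 *   Identifier of the datastream.
 *
 * @return string|false
 *   The token as a 64-character hexadecimal string, or FALSE when the
 *   repository request raised a RepositoryException.
 */
function islandora_get_object_token($pid, $dsid) {
  global $user;

  module_load_include("inc", "islandora", "includes/tuque");

  // Ask the repository for the datastream as the current user; any
  // RepositoryException is treated as "not allowed" and no token is issued
  // (fail closed).
  // NOTE(review): $pid and $dsid are placed into the request path without
  // encoding; presumably callers pass identifiers that were already
  // validated. Confirm, or validate them here.
  // NOTE(review): this appears to request the datastream content itself just
  // to test access; a lighter request may be enough. Confirm.
  $validator = new IslandoraTuque($user);
  try {
    $validator->connection->getRequest("objects/$pid/datastreams/$dsid/content", true);
  }
  catch (RepositoryException $rx) {
    return FALSE;
  }

  $time = time();

  // The user id, object id, datastream id and the current second are all
  // guessable, so a hash of those alone could be reproduced by anyone who
  // knows them. Random bytes from Drupal's CSPRNG make the token
  // unpredictable; the result is still a 64-character SHA-256 hex digest, so
  // the stored format is unchanged.
  $token = hash("sha256", drupal_random_bytes(32) . $user->uid . $pid . $dsid . $time);

  // Values are bound by the query builder, not concatenated into SQL.
  db_insert("islandora_authtokens")
    ->fields(array(
      'token' => $token,
      'uid' => $user->uid,
      'pid' => $pid,
      'dsid' => $dsid,
      'time' => $time,
    ))
    ->execute();

  return $token;
}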
|
|
|
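/**
 * Checks a one-time token for the current user and consumes it.
 *
 * A token is accepted when a row in islandora_authtokens matches the token,
 * the current user's id, the object id and the datastream id, and its issue
 * time lies within the last TOKEN_TIMEOUT seconds. Every matching row is
 * removed, whether or not it was still valid, so a token cannot be presented
 * twice.
 *
 * @param string $pid
 *   Identifier of the object.
 * @param string $dsid
 *   Identifier of the datastream.
 * @param string $token
 *   The token to check.
 *
 * @return bool
 *   TRUE if a valid, unexpired token was found and consumed, FALSE otherwise.
 */
function islandora_validate_object_token($pid, $dsid, $token) {
  global $user;

  // A missing or non-string token (for example an array supplied as a
  // request parameter) can never match a stored digest.
  if (!is_string($token) || $token === '') {
    return FALSE;
  }

  $time = time();

  // Test and consume the token in a single DELETE. A separate SELECT followed
  // by a DELETE would let two concurrent requests both see the row before
  // either removes it, and so accept a one-time token twice. Counting the
  // deleted rows also avoids relying on rowCount() of a SELECT, which is not
  // dependable on every database driver.
  $consumed = db_delete("islandora_authtokens")
    ->condition('token', $token, '=')
    ->condition('uid', $user->uid, '=')
    ->condition('pid', $pid, '=')
    ->condition('dsid', $dsid, '=')
    ->condition('time', $time, '<=')
    ->condition('time', $time - TOKEN_TIMEOUT, '>')
    ->execute();

  // Remove matching rows that fell outside the time window as well, so an
  // expired token that is presented is discarded too.
  // NOTE(review): tokens that are never presented are not removed here;
  // presumably they are purged elsewhere. Confirm.
  db_delete("islandora_authtokens")
    ->condition('token', $token, '=')
    ->condition('uid', $user->uid, '=')
    ->condition('pid', $pid, '=')
    ->condition('dsid', $dsid, '=')
    ->execute();

  return $consumed > 0;
}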
|
|
|