lib/pkp/classes/security/AccessKeyManager.inc.php

   1 <?php
   2
   3 /**
   4  * @file classes/security/AccessKeyManager.inc.php
   5  *
   6  * Copyright (c) 2000-2009 John Willinsky
   7  * Distributed under the GNU GPL v2. For full terms see the file docs/COPYING.
   8  *
   9  * @class AccessKeyManager
  10  * @ingroup security
  11  * @see AccessKey
  12  *
  13  * @brief Class defining operations for AccessKey management.
  14  */
  15
  16 // $Id: AccessKeyManager.inc.php,v 1.4 2009/04/08 21:34:54 asmecher Exp $
  17
  18
  19 class AccessKeyManager {
  20         var $accessKeyDao;
  21
  22         /**
  23          * Constructor.
  24          * Create a manager for access keys.
  25          */
  26         function AccessKeyManager() {
  27                 $this->accessKeyDao =& DAORegistry::getDAO('AccessKeyDAO');
  28                 $this->_performPeriodicCleanup();
  29         }
  30
  31         /**
  32          * Generate a key hash from a key.
  33          * @param $key string
  34          * @return string
  35          */
  36         function generateKeyHash($key) {
  37                 return md5($key);
  38         }
  39
  40         /**
  41          * Validate an access key based on the supplied credentials.
  42          * If $assocId is specified, it must match the associated ID of the
  43          * key exactly.
  44          * @param $context string The context of the access key
  45          * @param $key string The access key "passcode"
  46          * @param $assocId string optional assoc ID to check against the keys in the database
  47          */
  48         function &validateKey($context, $userId, $keyHash, $assocId = null) {
  49                 $accessKey =& $this->accessKeyDao->getAccessKeyByKeyHash($context, $userId, $keyHash, $assocId);
  50                 return $accessKey;
  51         }
  52
  53         /**
  54          * Create an access key with the given information.
  55          * @param $context string The context of the access key
  56          * @param $userId int The ID of the effective user for this access key
  57          * @param $assocId int The associated ID of the key
  58          * @param $expiryDays int The number of days before this key expires
  59          * @return accessKey string The generated passkey
  60          */
  61         function createKey($context, $userId, $assocId, $expiryDays) {
  62                 $accessKey = new AccessKey();
  63                 $accessKey->setContext($context);
  64                 $accessKey->setUserId($userId);
  65                 $accessKey->setAssocId($assocId);
  66                 $accessKey->setExpiryDate(Core::getCurrentDate(time() + (60 * 60 * 24 * $expiryDays)));
  67
  68                 $key = Validation::generatePassword();
  69                 $accessKey->setKeyHash($this->generateKeyHash($key));
  70
  71                 $this->accessKeyDao->insertAccessKey($accessKey);
  72
  73                 return $key;
  74         }
  75
  76         /**
  77          * Periodically clean up expired keys.
  78          */
  79         function _performPeriodicCleanup() {
  80                 if (time() % 100 == 0) {
  81                         $accessKeyDao =& DAORegistry::getDAO('AccessKeyDAO');
  82                         $accessKeyDao->deleteExpiredKeys();
  83                 }
  84         }
  85 }
  86
  87 ?>