[MAILPOET-1898]
This commit is contained in:
Pavel Dohnal
M. Shull
@ -36,7 +36,6 @@ class Subscriber extends Model {
|
|||||||
const STATUS_UNCONFIRMED = 'unconfirmed';
|
const STATUS_UNCONFIRMED = 'unconfirmed';
|
||||||
const STATUS_BOUNCED = 'bounced';
|
const STATUS_BOUNCED = 'bounced';
|
||||||
const STATUS_INACTIVE = 'inactive';
|
const STATUS_INACTIVE = 'inactive';
|
||||||
const SUBSCRIBER_TOKEN_LENGTH = 6;
|
|
||||||
|
|
||||||
/** @var string|bool */
|
/** @var string|bool */
|
||||||
public $token;
|
public $token;
|
||||||
@ -108,13 +107,13 @@ class Subscriber extends Model {
|
|||||||
return self::where('wp_user_id', $wp_user->ID)->findOne();
|
return self::where('wp_user_id', $wp_user->ID)->findOne();
|
||||||
}
|
}
|
||||||
|
|
||||||
static function generateToken($email = null) {
|
static function generateToken($email = null, $length = 32) {
|
||||||
if ($email !== null) {
|
if ($email !== null) {
|
||||||
$auth_key = '';
|
$auth_key = '';
|
||||||
if (defined('AUTH_KEY')) {
|
if (defined('AUTH_KEY')) {
|
||||||
$auth_key = AUTH_KEY;
|
$auth_key = AUTH_KEY;
|
||||||
}
|
}
|
||||||
return substr(md5($auth_key . $email), 0, self::SUBSCRIBER_TOKEN_LENGTH);
|
return substr(md5($auth_key . $email), 0, $length);
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -122,8 +121,8 @@ class Subscriber extends Model {
|
|||||||
static function verifyToken($email, $token) {
|
static function verifyToken($email, $token) {
|
||||||
return call_user_func(
|
return call_user_func(
|
||||||
'hash_equals',
|
'hash_equals',
|
||||||
self::generateToken($email),
|
self::generateToken($email, strlen($token)),
|
||||||
substr($token, 0, self::SUBSCRIBER_TOKEN_LENGTH)
|
$token
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -648,7 +648,7 @@ class SubscriberTest extends \MailPoetTest {
|
|||||||
|
|
||||||
function testItGeneratesSubscriberToken() {
|
function testItGeneratesSubscriberToken() {
|
||||||
$token = Subscriber::generateToken($this->test_data['email']);
|
$token = Subscriber::generateToken($this->test_data['email']);
|
||||||
expect(strlen($token))->equals(Subscriber::SUBSCRIBER_TOKEN_LENGTH);
|
expect(strlen($token))->equals(32);
|
||||||
}
|
}
|
||||||
|
|
||||||
function testItVerifiesSubscriberToken() {
|
function testItVerifiesSubscriberToken() {
|
||||||
@ -658,8 +658,7 @@ class SubscriberTest extends \MailPoetTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function testItVerifiesTokensOfDifferentLengths() {
|
function testItVerifiesTokensOfDifferentLengths() {
|
||||||
$token = md5(AUTH_KEY . $this->test_data['email']);
|
$token = Subscriber::generateToken($this->test_data['email'], 6);
|
||||||
expect(strlen($token))->notEquals(Subscriber::SUBSCRIBER_TOKEN_LENGTH);
|
|
||||||
expect(Subscriber::verifyToken($this->test_data['email'], $token))->true();
|
expect(Subscriber::verifyToken($this->test_data['email'], $token))->true();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user