I tried the Phalcon framework (2.0.8) Phalcon\Security component,
and I am having trouble because the tokens do not match.
I followed the procedure below. (The source is uploaded at https://github.com/nakanek/phalcon_security_test)
- create project by phalcon DevTools(2.0.8)
phalcon project phalcon
- edit
app/config/service.php
/**
 * Shared file logger used by the controllers for request tracing.
 *
 * Writes to ../phalcon.log (relative to the process working directory) at
 * DEBUG level, one line per entry in "date type message" form.
 */
$di->setShared('logger', function () use ($config) {
    $fileLog = new \Phalcon\Logger\Adapter\File('../phalcon.log');
    $fileLog->setFormatter(new \Phalcon\Logger\Formatter\Line('%date% %type% %message%'));
    // DEBUG is what makes the per-action trace lines visible in the log.
    $fileLog->setLogLevel(\Phalcon\Logger::DEBUG);

    return $fileLog;
});
/**
 * Memcached-backed session service; the session is started the first time a
 * component asks the container for 'session'.
 *
 * NOTE(review): the controller's getSessionToken() presumably reads the CSRF
 * token from this session, so anything that rewrites the session between two
 * requests also replaces the token - confirm against Phalcon\Security.
 */
$di->setShared('session', function () {
    $memcachedServers = array(
        array('host' => 'localhost', 'port' => 11211, 'weight' => 1),
    );

    // OPT_HASH only selects how item keys are hashed; it is not a security control.
    $clientOptions = array(
        Memcached::OPT_HASH => Memcached::HASH_MD5,
        Memcached::OPT_PREFIX_KEY => 'prefix.',
    );

    $adapter = new Phalcon\Session\Adapter\Libmemcached(array(
        'servers' => $memcachedServers,
        'client' => $clientOptions,
        'lifetime' => 3600,
        'prefix' => 'my_',
    ));
    $adapter->start();

    return $adapter;
});
/**
 * Shared Phalcon\Security instance; the view calls getToken() on it and the
 * controller calls getSessionToken().
 */
$di->setShared('security', function () {
    $component = new \Phalcon\Security();
    // NOTE(review): the work factor presumably tunes password hashing cost only
    // and has no bearing on CSRF token generation - confirm in the Phalcon docs.
    $component->setWorkFactor(12);

    return $component;
});
- append
app/views/index/index.volt
{# Renders a link that carries a freshly requested CSRF token as a query parameter. #}
{# NOTE(review): getToken() runs on every render of this view. If this Phalcon version #}
{# issues a new token per call, any extra request that renders this page replaces the #}
{# token kept in the session, and a link rendered earlier stops matching - TODO confirm. #}
{# NOTE(review): a token in a GET URL ends up in browser history, server logs and Referer #}
{# headers; a hidden field in a POST form keeps it out of those places. #}
<div>
<a href="/index/tokencheck?token={{ security.getToken() }}">token check</a>
</div>
- edit
app/controllers/IndexController.php
/**
 * Default action: records one DEBUG line per invocation.
 *
 * Each log entry corresponds to one request dispatched to this action, so two
 * entries mean the index page was handled twice.
 */
public function indexAction()
{
    $log = $this->logger;
    $log->debug('call indexAction');
}
/**
 * Diagnostic action: hands both the session-side token and the token received
 * in the query string to the view so they can be compared by eye.
 *
 * NOTE(review): this only displays the two values. Real request validation
 * should go through the security component's checkToken() rather than a manual
 * comparison, and the session token should not be echoed outside of debugging.
 */
public function tokencheckAction()
{
    $view = $this->view;
    $view->sessionToken = $this->security->getSessionToken();
    // No filter is applied here, so 'token' reaches the view exactly as the
    // client sent it; the template must escape it on output.
    $view->token = $this->request->getQuery('token', null, null);
}
- append
app/views/index/tokencheck.volt
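{# Debug view: shows the token held in the session next to the token received in the URL. #}
<div>sessionToken:{{ sessionToken }}</div>
{# 'token' is unfiltered query-string input; HTML-escape it, because Volt only escapes #}
{# automatically when autoescape is enabled (its configuration is not shown here). #}
<div>token:{{ token|e }}</div>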
- access / and click "token check".
I expected token to equal sessionToken,
but the result is
sessionToken:SfVRGoK1MY3GAVD
token:aYFN1Qa5SG8xvr1o
In addition, the following was written to the log:
Sun, 27 Dec 15 00:48:49 +0900 DEBUG call indexAction
Sun, 27 Dec 15 00:48:50 +0900 DEBUG call indexAction
indexAction was called twice for some reason...?