JsonWebTokenSecretProvider
in package
Class JsonWebTokenSecretProvider
Creates random secret for JWT authentication.
Table of Contents
- SECRET_CONFIG_KEY = 'REST_API_SECRET'
- SECRET_LENGTH = 64
- getSecret() : string
- Returns a secret for JWT authentication
- resetSecret() : mixed
- Resets REST API secret.
Constants
SECRET_CONFIG_KEY
public
mixed
SECRET_CONFIG_KEY
= 'REST_API_SECRET'
SECRET_LENGTH
public
mixed
SECRET_LENGTH
= 64
Methods
getSecret()
Returns a secret for JWT authentication
public
static getSecret() : string
Secret is stored in gm_configuration with key REST_API_SECRET. If none is found a new secret will be created using random_bytes(), openssl_random_pseudo_bytes(), or mt_rand().
Return values
string —resetSecret()
Resets REST API secret.
public
static resetSecret() : mixed
ATTENTION: Calling this method will irrevocably invalidate each and every JWT token currently in use! (Unless a database backup with the old secret is available.)