spatie/url-signer
Composer 安装命令:
composer require spatie/url-signer
包简介
Generate a url with an expiration date and signature to prevent unauthorized access
关键字:
README 文档
README
This package can create URLs with a limited lifetime. This is done by adding an expiration date and a signature to the URL.
$urlSigner = new Sha256UrlSigner('randomkey'); $urlSigner->sign('https://myapp.com', 30); // => The generated url will be valid for 30 seconds
This will output a URL that looks like https://myapp.com/?expires=xxxx&signature=xxxx.
Imagine mailing this URL out to the users of your application. When a user clicks on a signed URL your application can validate it with:
// returns `true` if valid, `false` if not $urlSigner->validate('https://myapp.com/?expires=xxxx&signature=xxxx');
Support us
We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.
We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.
Postcardware
You're free to use this package (it's MIT-licensed), but if it makes it to your production environment we highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using.
Our address is: Spatie, Kruikstraat 22, 2018 Antwerp, Belgium.
All postcards are published on our website.
Installation
The package can installed via Composer:
composer require spatie/url-signer
Usage
A signer-object can sign URLs and validate signed URLs. A secret key is used to generate signatures.
use Spatie\UrlSigner\Sha256UrlSigner; $urlSigner = new Sha256UrlSigner('mysecretkey');
Generating URLs
Signed URLs can be generated by providing a regular URL and an expiration date to the sign method.
$expirationDate = (new DateTime())->modify('10 days'); $urlSigner->sign('https://myapp.com', $expirationDate); // => The generated url will be valid for 10 days
If an integer is provided as expiration date, the URL will be valid for that amount of seconds.
$urlSigner->sign('https://myapp.com', 30); // => The generated URL will be valid for 30 seconds
Validating URLs
To validate a signed URL, simply call the validate() method. This will return a boolean.
$urlSigner->validate('https://myapp.com/?expires=1439223344&signature=a479abde194d111022a6831edbda29b14e7bdb760438a8a0be2556cd1a6c23fa'); // => true $urlSigner->validate('https://myapp.com/?expires=1439223344&signature=a479abde194d111022a6831edbda-INVALID-29b14e7bdb760438a8a0be2556cd1a6c23fa'); // => false
Writing custom signers
This packages provides a signer that uses SHA256 to generate signature. You can create your own
signer by implementing the Spatie\UrlSigner\Contracts\UrlSigner-interface. If you let your signer extend
Spatie\UrlSigner\AbstractUrlSigner you'll only need to provide the createSignature-method.
Tests
The tests can be run with:
composer test
Integrations
To get started quickly in Laravel you can use the spatie/laravel-url-signer package.
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you've found a bug regarding security please mail security@spatie.be instead of using the issue tracker.
Credits
About Spatie
Spatie is a webdesign agency in Antwerp, Belgium. You'll find an overview of all our open source projects on our website.
License
The MIT License (MIT). Please see License File for more information.
spatie/url-signer 适用场景与选型建议
spatie/url-signer 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 2.47M 次下载、GitHub Stars 达 443, 最近一次更新时间为 2015 年 08 月 14 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「url」 「encryption」 「sign」 「spatie」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 spatie/url-signer 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 spatie/url-signer 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 spatie/url-signer 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A simple PHP class to encrypt a string and decrypt an encrypted string
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Provide a way to secure accesses to all routes of an symfony application.
Encryption with AES-256 and HMAC-SHA256
Easy URL rewrites in your Laravel application
Allows installation of Laravel where the PHP Mcrypt extension is not available. Provides encryption using OpenSSL, or by disabling encryption entierly.
统计信息
- 总下载量: 2.47M
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 449
- 点击次数: 24
- 依赖项目数: 16
- 推荐数: 1
其他信息
- 授权协议: MIT
- 更新时间: 2015-08-14