Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
- Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
- PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.
/admin/tool/mfa/classes/local/ -> secret_manager.php (source)
(no description)
| File Size: | 244 lines (8 kb) |
| Included or required: | 0 times |
| Referenced: | 0 times |
| Includes or requires: | 0 files |
Defines 1 class
secret_manager:: (8 methods):
__construct()
create_secret()
add_secret_to_db()
validate_secret()
check_secret_against_db()
revoke_secret()
has_active_secret()
cleanup_temp_secrets()
Class: secret_manager - X-Ref
MFA secret management class.| __construct(string $factor) X-Ref |
| Initialises a secret manager instance param: string $factor |
| create_secret(int $expires, bool $session, string $secret = null) X-Ref |
| This function creates or takes a secret, and stores it in the database or session. param: int $expires the length of time the secret is valid. e.g. 1 min = 60 param: bool $session whether this secret should be linked to the session. param: string $secret an optional provided secret return: string the secret code, or 0 if no new code created. |
| add_secret_to_db(string $secret, int $expires, string $sessionid = null) X-Ref |
| Inserts the provided secret into the database with a given expiry duration. param: string $secret the secret to store param: int $expires expiry duration in seconds param: string $sessionid an optional sessionID to tie this record to return: void |
| validate_secret(string $secret, bool $keep = false) X-Ref |
| Validates whether the provided secret is currently valid. param: string $secret the secret to check param: bool $keep should the secret be kept for reuse until expiry? return: string a secret manager state constant |
| check_secret_against_db(string $secret, string $sessionid) X-Ref |
| Checks if a given secret is valid from the Database. param: string $secret the secret to check. param: string $sessionid the session id to check for. return: string a secret manager state constant. |
| revoke_secret(string $secret, $userid = null) X-Ref |
| Revokes the provided secret code for the user. param: string $secret the secret to revoke. param: int $userid the userid to revoke the secret for. return: void |
| has_active_secret(bool $checksession = false) X-Ref |
| Checks whether this factor currently has an active secret, and should not add another. param: bool $checksession should we only check if a current session secret is active? return: bool |
| cleanup_temp_secrets($userid = null) X-Ref |
| Deletes any user secrets hanging around in the database. param: int $userid the userid to cleanup temp secrets for. return: void |
