Package to create a digest of a string/array, to be used in creating unique unguessable URLs/folder names.
You can install the package via composer:
composer require pforret/digestif
use Pforret\Digestif\Digestif;
$dig = new Digestif(env("DIGEST_SEED"));
// seed value should be unique for that server/application.
// It's important that it is not known to the outside world.
// It should be the same for the application creating the Digest as the one reading/verifying it
$url = "https://secure.example.com/invoice/1200323";
// if you make your URL like this, the URL for the other invoices can be guessed (e.g. 1200324, etc)
$digest = $dig->fromString($url);
$secure_url = "$url/$digest";
// URL = https://secure.example.com/invoice/1200323/0a1b-2c3d
// using a route /invoice/{id}/{digest} will allow you to verify the digest
// the URL of the next invoice 1200324 cannot be guessed without knowing the seed value
// or use this
$secure_url = "$url?$digest";
//URL = https://secure.example.com/invoice/1200323?0a1b-2c3d
// and then verify the digest before showing the actual invoice
if(!$dig->compareDigest($dig->fromString($url), $digest)){
return false;
}
// 0a1b-2c3d will be ok, as 0a1b2c3d (without dash)
## Testing
```bash
composer test
Please see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.
Please review our security policy on how to report security vulnerabilities.
The MIT License (MIT). Please see License File for more information.