Kcko · June 26, 2025 17:04
diff --git a/info.php b/info.php
 <?php

 // Pro hesla uživatelů
 $hashedPassword = password_hash($userPassword, PASSWORD_DEFAULT);
 if (password_verify($inputPassword, $hashedPassword)) {
    // přihlášen
 }

 // Pro bearer tokeny
 $token = hash_hmac('sha256', $windowStart, 'secret');
 if (hash_equals($token, $receivedToken)) {
    // autorizován
 }
diff --git a/token-fn.php b/token-fn.php
 <?php

 $currentTime = time();
 $timeWindow = 500; // token expiration
 $expectedToken = hash_hmac('sha256', $currentTime - ($currentTime % $timeWindow), 'OUR_ANY_SECRET');

 // echo hash_equals($expectedToken, $anyTokenFromGetorPost);
	<?php

	// Pro hesla uživatelů
	$hashedPassword = password_hash($userPassword, PASSWORD_DEFAULT);
	if (password_verify($inputPassword, $hashedPassword)) {
	// přihlášen
	}

	// Pro bearer tokeny
	$token = hash_hmac('sha256', $windowStart, 'secret');
	if (hash_equals($token, $receivedToken)) {
	// autorizován
	}
	<?php

	$currentTime = time();
	$timeWindow = 500; // token expiration
	$expectedToken = hash_hmac('sha256', $currentTime - ($currentTime % $timeWindow), 'OUR_ANY_SECRET');

	// echo hash_equals($expectedToken, $anyTokenFromGetorPost);