How to use token

Source: Internet
Author: User
How do I use token? I see a token when someone else's mobile client interacts with the server. what is the principle of token? How to implement it? How can I use php to develop servers? ------ Solution ------------------ token & nbsp; used to verify that & nbsp; requests are sent by your client. & nbsp; only the token & nbsp; how does the server use the token when the verification is true?
I can see that the interaction between other mobile clients and servers carries a token. what is the principle of the token? How to implement it? How can I use php to develop servers?
------ Solution --------------------
The token is used to verify that the request belongs to your client. only when the token is verified as true will the server accept the data returned by the request.
------ Solution --------------------
The token is a token used to determine the identity.

First, the server creates a token to send it to the client. each request from the client sends the token to the server for authentication.

In a simple way, encrypt the id as the token, and then decrypt the token as the id

Define ('key', '# ^ DKHSD & * f'); // defines the KEY

$ Id = '000000 ';
$ Token = genToken ($ id );

Echo 'Id encrypt token = '. $ token .'
';
Echo 'token decrypt id = '. checkToken ($ token );

// Create a token
Function genToken ($ id ){
$ Str = json_encode (array (time (), mt_rand (), $ id ));
Return authcode ($ str, 'encoding', KEY );
}

// Verify the token
Function checkToken ($ token ){
$ Str = authcode ($ token, 'Decode', KEY );
$ Result = json_decode ($ str );
If (is_array ($ result )){
Return $ result [2];
} Else {
Return 'Crypt fail ';
}
}


// Encryption/decryption method
Function authcode ($ string, $ operation = 'Decode', $ key ){

$ Ckey_length = 4; // The random key length ranges from 0 to 32;

$ Key = md5 ($ key );
$ Keya = md5 (substr ($ key, 0, 16 ));
$ Keyb = md5 (substr ($ key, 16, 16 ));
$ Keyc = $ ckey_length? ($ Operation = 'decode '? Substr ($ string, 0, $ ckey_length): substr (md5 (microtime (),-$ ckey_length )):'';

$ Cryptkey = $ keya. md5 ($ keya. $ keyc );
$ Key_length = strlen ($ cryptkey );

$ String = $ operation = 'decode '? Base64_decode (substr ($ string, $ ckey_length): sprintf ('% 010d', 0 ). substr (md5 ($ string. $ keyb), 0, 16 ). $ string;
$ String_length = strlen ($ string );

$ Result = '';
$ Box = range (1, 0,255 );

$ Rndkey = array ();
For ($ I = 0; $ I <= 255; $ I ++ ){
$ Rndkey [$ I] = ord ($ cryptkey [$ I % $ key_length]);
}

For ($ j = $ I = 0; I I <256; $ I ++ ){
$ J = ($ j + $ box [$ I] + $ rndkey [$ I]) % 256;
$ Tmp = $ box [$ I];
$ Box [$ I] = $ box [$ j];
$ Box [$ j] = $ tmp;
}

For ($ a = $ j = $ I = 0; $ I <$ string_length; $ I ++ ){
$ A = ($ a + 1) % 256;
$ J = ($ j + $ box [$ a]) % 256;
$ Tmp = $ box [$ a];
$ Box [$ a] = $ box [$ j];
$ Box [$ j] = $ tmp;
$ Result. = chr (ord ($ string [$ I]) ^ ($ box [($ box [$ a] + $ box [$ j]) % 256]);
}

If ($ operation = 'decode '){
If (substr ($ result, 0, 10) = 0
------ Solution --------------------
Substr ($ result, 0, 10)-time ()> 0) & substr ($ result, 10, 16) = substr (md5 (substr ($ result, 26 ). $ keyb), 0, 16 )){
Return substr ($ result, 26 );
} Else {
Return '';
}
} Else {
Return $ keyc. str_replace ('=', '', base64_encode ($ result ));
}

}
?>

------ Solution --------------------
Token. the client and server verify each other, that is, encryption and decryption.
Generate an encrypted string.
------ Solution --------------------
If a token is detected, the token can be used again.
However, token is intended to prevent malicious access, and reuse involves vulnerabilities that can be exploited.
Therefore, it is better to issue it each time.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.