Token for JWT / Bearer

26.6.2025

PHP

token-fn.php Raw #

<?php

$currentTime = time();
$timeWindow = 500; // token expiration
$expectedToken = hash_hmac('sha256', $currentTime - ($currentTime % $timeWindow), 'OUR_ANY_SECRET');

// echo hash_equals($expectedToken, $anyTokenFromGetorPost);

info.php Raw #

<?php

// Pro hesla uživatelů
$hashedPassword = password_hash($userPassword, PASSWORD_DEFAULT);
if (password_verify($inputPassword, $hashedPassword)) {
    // přihlášen
}

// Pro bearer tokeny
$token = hash_hmac('sha256', $windowStart, 'secret');
if (hash_equals($token, $receivedToken)) {
    // autorizován
}