z_nonce (zotonic_core v1.0.0-rc.17)
Nonce support. Create nonces, and track nonce usage. Used nonce values are tracked for 15 minutes. Nonce values themselves are also typically valid for 15 minutes, unless another period is requested.
Summary
Functions
Initialize the nonce tables. Calles by zotonic_core_sup, which process will be the owner of these tables. Force a reset of the secure nonce secret as the nonce tables are re-initialized.
Check if the nonce has been registered in the last ?NONCE_TIMEOUT seconds The nonce must have been created by nonce/1.
Check if the nonce has been registered in the last ?NONCE_TIMEOUT seconds. The nonce can be any key.
Return a new nonce value, strictly valid for the how long we keep the used nonce values. The key is valid across restarts, registered keys could be re-used after a restart.
Return a new nonce value, valid for about the given number of seconds. The key is valid across restarts, registered keys could be re-used after a restart.
Remove all keys from the "previous" nonce registration table, schedule a timer for the next removal.
Return the secret used for signing the nonce values returned by nonce/0 and nonce/1
Return a new nonce value, strictly valid for the how long we keep the used nonce values. The keys are not valid between restarts, this gives maximum protection against replay attacks.
Register a nonce for use, will be remembered for the next ?NONCE_TIMEOUT seconds or until unregistered. The nonce must be generated with nonce/1 and will be checked if it was expired.
Register a nonce for use, will be remembered for the next ?NONCE_TIMEOUT seconds or until unregistered. The nonce can be any binary smaller than 50 bytes.
Forget about a nonce. Removes it from the registered nonce values. The nonce must have been created by nonce/1
Forget about a nonce. Removes it from the registered nonce values. The nonce can be any key.
Functions
-spec init_nonce_tables() -> ok.
Initialize the nonce tables. Calles by zotonic_core_sup, which process will be the owner of these tables. Force a reset of the secure nonce secret as the nonce tables are re-initialized.
Check if the nonce has been registered in the last ?NONCE_TIMEOUT seconds The nonce must have been created by nonce/1.
Check if the nonce has been registered in the last ?NONCE_TIMEOUT seconds. The nonce can be any key.
-spec nonce() -> Nonce when Nonce :: binary().
Return a new nonce value, strictly valid for the how long we keep the used nonce values. The key is valid across restarts, registered keys could be re-used after a restart.
Return a new nonce value, valid for about the given number of seconds. The key is valid across restarts, registered keys could be re-used after a restart.
-spec nonce_cleanup() -> ok.
Remove all keys from the "previous" nonce registration table, schedule a timer for the next removal.
-spec nonce_secret() -> binary().
Return the secret used for signing the nonce values returned by nonce/0 and nonce/1
-spec nonce_secure() -> Nonce when Nonce :: binary().
Return a new nonce value, strictly valid for the how long we keep the used nonce values. The keys are not valid between restarts, this gives maximum protection against replay attacks.
-spec register(Nonce) -> ok | {error, Reason} when Nonce :: binary(), Reason :: duplicate | overload | key | expired.
Register a nonce for use, will be remembered for the next ?NONCE_TIMEOUT seconds or until unregistered. The nonce must be generated with nonce/1 and will be checked if it was expired.
-spec register_any(Nonce) -> ok | {error, Reason} when Nonce :: binary(), Reason :: duplicate | overload | key | expired.
Register a nonce for use, will be remembered for the next ?NONCE_TIMEOUT seconds or until unregistered. The nonce can be any binary smaller than 50 bytes.
-spec unregister(Nonce) -> ok | {error, key} when Nonce :: binary().
Forget about a nonce. Removes it from the registered nonce values. The nonce must have been created by nonce/1
-spec unregister_any(Nonce) -> ok when Nonce :: binary().
Forget about a nonce. Removes it from the registered nonce values. The nonce can be any key.