Time Barred Token



Small extension for Yii framework, providing an API for creating and validating an encrypted token that has a limited lifetime, and also provides a filter to allow or deny execution of controller actions, depending on the validity of the token.


  1. Put files into protected/extension/TimeBarredToken folder
  2. Add TimeBarredTokenComponent to your application components in protected/config/main.php:

    'components' => array(
        'timeBarredToken' => array(
            'class' => 'ext.TimeBarredToken.TimeBarredTokenComponent',
            /* This is optional: */
            'duration' => 3600,
            'encryptionKey' => 'mmn!$89MmdiopNWuIOOEWR-0AA689',
            'validationKey' => '903*(E)0k909eijj1@#0-',


Here is example controller, which allow access to http://<>/article/details from 15:00 till 16:00 only for user, that have right token:

class ArticleController extends CController {
    public function filters() {
        return array(
            'ext.TimeBarredToken.TimeBarredTokenFilter + details',
            'throwException' => true,
            'message' => 'Access to this article denied!',

    /* This action shows you protected page */
    public function actionDetails() {

    /* This action generates link with token and should be accessible only for authorised users - usually only for you */
    public function actionMySecretLinkGenerator() {
        echo Yii::app()->createUrl('article/details', array('token' => Yii::app()->timeBarredToken->getToken(strtotime('21 december 2011 15:00'), 3600)));

Now, you can create a marker with page http://<>/article/mySecretLinkGenerator and the web page http://<>/article/details can be achieved using a link like this:


Access will be limited from 15:00 till 16:00 21 dec 2012

Important note

Token contains only time limits, not also route, so many pages may be accessible with one valid token!