authorvincent-peugnet <v.peugnet@free.fr>2020-04-09 00:36:37 +0200
committervincent-peugnet <v.peugnet@free.fr>2020-04-09 00:36:37 +0200
commite91dfdbc7549b60a6bc2decff885a26f7fbb365f (patch)
tree71aa9722c07a12be5a7cbf3142f26b75ab23b3f7 /app/class/Controllerconnect.php
parentc35d018995da99028747fe672e4d07484855dba2 (diff)
remember me with hash comparaison close #68
Diffstat (limited to 'app/class/Controllerconnect.php')
-rw-r--r--app/class/Controllerconnect.php9
1 files changed, 6 insertions, 3 deletions
diff --git a/app/class/Controllerconnect.php b/app/class/Controllerconnect.php
index 816d69b..e9af86a 100644
--- a/app/class/Controllerconnect.php
+++ b/app/class/Controllerconnect.php
@@ -100,14 +100,16 @@ class Controllerconnect extends Controller
/**
* Create a cookie called `authtoken`
*
- * @param string $id Token string
+ * @param string $token Token string
* @param int $conservation Time in day to keep the token
*
* @return bool True in cas of success, otherwise, false.
*/
- public function creatauthcookie(string $id, int $conservation): bool
+ public function creatauthcookie(string $token, int $conservation): bool
{
- return setcookie('authtoken', $id, time() + $conservation * 24 * 3600, null, null, false, true);
+ $hash = secrethash($token);
+ $cookie = $token . ':' . $hash;
+ return setcookie('authtoken', $cookie, time() + $conservation * 24 * 3600, null, null, false, true);
}
/**
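Review bot: The `setcookie()` call in `creatauthcookie` still passes `false` for the secure argument, so the remember-me cookie, which now carries `token:hash`, is also sent over plain HTTP and sets no SameSite attribute. On an HTTPS deployment I would pass `true` there, or, if the project targets PHP 7.3 or later, use the options-array form with `'secure' => true, 'httponly' => true, 'samesite' => 'Lax'`. The appended hash only helps if `secrethash()` is keyed with a server-side secret and the code that reads the cookie compares it with `hash_equals()`; neither is visible in this hunk, so both are worth confirming. The docblock should also say that the stored value is `token:hash` rather than the bare token, and that a `:` inside `$token` would make the value ambiguous to split.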
@@ -120,4 +122,5 @@ class Controllerconnect extends Controller
//deleteauthcookie
}
+
}