1 files changed, 7 insertions, 5 deletions

diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 8c711308c..9c3e31952 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -233,9 +233,11 @@ class FreshRSS_FormAuth {
 
 		$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
 		$mtime = @filemtime($token_file);
-		if ($mtime + 2629744 < time()) {
-			// Token has expired (> 1 month) or does not exist.
-			// TODO: 1 month -> use a configuration instead
+		$conf = Minz_Configuration::get('system');
+		$limits = $conf->limits;
+		$cookie_duration = empty($limits['cookie_duration']) ? 2592000 : $limits['cookie_duration'];
+		if ($mtime + $cookie_duration < time()) {
+			// Token has expired (> cookie_duration) or does not exist.
 			@unlink($token_file);
 			return array();
 		}
@@ -256,7 +258,7 @@ class FreshRSS_FormAuth {
 		}
 
 		$limits = $conf->limits;
-		$cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+		$cookie_duration = empty($limits['cookie_duration']) ? 2592000 : $limits['cookie_duration'];
 		$expire = time() + $cookie_duration;
 		Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
 		return $token;
@@ -277,7 +279,7 @@ class FreshRSS_FormAuth {
 	public static function purgeTokens() {
 		$conf = Minz_Configuration::get('system');
 		$limits = $conf->limits;
-		$cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+		$cookie_duration = empty($limits['cookie_duration']) ? 2592000 : $limits['cookie_duration'];
 		$oldest = time() - $cookie_duration;
 		foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {
 			// $extension = $file_info->getExtension(); doesn't work in PHP < 5.3.7