aboutsummaryrefslogtreecommitdiff
path: root/app/Models/Auth.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Models/Auth.php')
-rw-r--r--app/Models/Auth.php11
1 files changed, 6 insertions, 5 deletions
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 8c711308c..d1e26b8e8 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -233,9 +233,10 @@ class FreshRSS_FormAuth {
$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
$mtime = @filemtime($token_file);
- if ($mtime + 2629744 < time()) {
- // Token has expired (> 1 month) or does not exist.
- // TODO: 1 month -> use a configuration instead
+ $limits = $conf->limits;
+ $cookie_duration = empty($limits['cookie_duration']) ? 2592000 : $limits['cookie_duration'];
+ if ($mtime + $cookie_duration < time()) {
+ // Token has expired (> cookie_duration) or does not exist.
@unlink($token_file);
return array();
}
@@ -256,7 +257,7 @@ class FreshRSS_FormAuth {
}
$limits = $conf->limits;
- $cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+ $cookie_duration = empty($limits['cookie_duration']) ? 2592000 : $limits['cookie_duration'];
$expire = time() + $cookie_duration;
Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
return $token;
@@ -277,7 +278,7 @@ class FreshRSS_FormAuth {
public static function purgeTokens() {
$conf = Minz_Configuration::get('system');
$limits = $conf->limits;
- $cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+ $cookie_duration = empty($limits['cookie_duration']) ? 2592000 : $limits['cookie_duration'];
$oldest = time() - $cookie_duration;
foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {
// $extension = $file_info->getExtension(); doesn't work in PHP < 5.3.7
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-22 13:42:24 +0000