From 332a4dec8690b658bcb878a20056aea33c673f69 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre.alapetite@alexandra.dk>
Date: Sat, 24 Dec 2016 16:33:28 +0100
Subject: Option for cookie duration

https://github.com/FreshRSS/FreshRSS/issues/1384
---
 app/Models/Auth.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'app/Models')

diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 3313fdf3f..042210eaf 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -219,8 +219,8 @@ class FreshRSS_FormAuth {
 	}
 
 	public static function makeCookie($username, $password_hash) {
+		$conf = Minz_Configuration::get('system');
 		do {
-			$conf = Minz_Configuration::get('system');
 			$token = sha1($conf->salt . $username . uniqid(mt_rand(), true));
 			$token_file = DATA_PATH . '/tokens/' . $token . '.txt';
 		} while (file_exists($token_file));
@@ -229,7 +229,9 @@ class FreshRSS_FormAuth {
 			return false;
 		}
 
-		$expire = time() + 2629744;	//1 month	//TODO: Use a configuration instead
+		$limits = $conf->limits;
+		$cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+		$expire = time() + $cookie_duration;
 		Minz_Session::setLongTermCookie('FreshRSS_login', $token, $expire);
 		return $token;
 	}
@@ -247,7 +249,10 @@ class FreshRSS_FormAuth {
 	}
 
 	public static function purgeTokens() {
-		$oldest = time() - 2629744;	// 1 month	// TODO: Use a configuration instead
+		$conf = Minz_Configuration::get('system');
+		$limits = $conf->limits;
+		$cookie_duration = empty($limits['cookie_duration']) ? 2629744 : $limits['cookie_duration'];
+		$oldest = time() - $cookie_duration;
 		foreach (new DirectoryIterator(DATA_PATH . '/tokens/') as $file_info) {
 			// $extension = $file_info->getExtension(); doesn't work in PHP < 5.3.7
 			$extension = pathinfo($file_info->getFilename(), PATHINFO_EXTENSION);
-- 
cgit v1.2.3