AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 02:44:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make Remmeber Me Token Configurable and default to 3

Browse Source
This commit is contained in:
johnnyq
2024-04-04 19:52:44 -04:00
parent e1f1122b3e
commit 4824ae8ef8
8 changed files with 33 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
login.php
View File

@@ -66,6 +66,8 @@ $config_client_portal_enable = intval($row['config_client_portal_enable']);
$config_login_key_required = $row['config_login_key_required'];
$config_login_key_secret = $row['config_login_key_secret'];
$config_login_remember_me_days_expire = intval($row['config_login_remember_me_days_expire']);
// Login key verification
// If no/incorrect 'key' is supplied, send to client portal instead
if ($config_login_key_required) {
@@ -129,8 +131,8 @@ if (isset($_POST['login'])) {
// Validate MFA via a remember-me cookie
if (isset($_COOKIE['rememberme'])) {
// Get remember tokens less than 2 days old
$remember_tokens = mysqli_query($mysqli, "SELECT remember_token_token FROM remember_tokens WHERE remember_token_user_id = $user_id AND remember_token_created_at > (NOW() - INTERVAL 2 DAY)");
// Get remember tokens less than $config_login_remember_me_days_expire days old
$remember_tokens = mysqli_query($mysqli, "SELECT remember_token_token FROM remember_tokens WHERE remember_token_user_id = $user_id AND remember_token_created_at > (NOW() - INTERVAL $config_login_remember_me_expire DAY)");
while ($row = mysqli_fetch_assoc($remember_tokens)) {
if (hash_equals($row['remember_token_token'], $_COOKIE['rememberme'])) {
$mfa_is_complete = true;