1
1
Fork 0

Merge pull request #3373 from strk/expire-login-later

Make log-in cookie expiration time configurable
This commit is contained in:
Hypolite Petovan 2017-04-21 12:18:57 -04:00 committed by GitHub
commit 27b3943cc7
4 changed files with 14 additions and 1 deletions

View file

@ -25,6 +25,7 @@ Example: To set the directory value please add this line to your .htconfig.php:
* **allowed_link_protocols** (Array) - Allowed protocols in links URLs, add at your own risk. http is always allowed. * **allowed_link_protocols** (Array) - Allowed protocols in links URLs, add at your own risk. http is always allowed.
* **birthday_input_format** - Default value is "ymd". * **birthday_input_format** - Default value is "ymd".
* **block_local_dir** (Boolean) - Blocks the access to the directory of the local users. * **block_local_dir** (Boolean) - Blocks the access to the directory of the local users.
* **auth_cookie_lifetime** (Integer) - Number of days that should pass without any activity from a before before the users who choosed "Remember me" when logging in from that browser is considered logged out. Defaults to 7.
* **curl_range_bytes** - Maximum number of bytes that should be fetched. Default is 0, which mean "no limit". * **curl_range_bytes** - Maximum number of bytes that should be fetched. Default is 0, which mean "no limit".
* **db_log** - Name of a logfile to log slow database queries * **db_log** - Name of a logfile to log slow database queries
* **db_loglimit** - If a database call lasts longer than this value it is logged * **db_loglimit** - If a database call lasts longer than this value it is logged

View file

@ -91,3 +91,6 @@ $a->config['system']['directory'] = 'https://dir.friendica.social';
// Allowed protocols in link URLs; HTTP protocols always are accepted // Allowed protocols in link URLs; HTTP protocols always are accepted
$a->config['system']['allowed_link_protocols'] = array('ftp', 'ftps', 'mailto', 'cid', 'gopher'); $a->config['system']['allowed_link_protocols'] = array('ftp', 'ftps', 'mailto', 'cid', 'gopher');
// Authentication cookie lifetime, in days
$a->config['system']['auth_cookie_lifetime'] = 7;

View file

@ -1,4 +1,7 @@
<?php <?php
use \Friendica\Core\Config;
require_once('include/security.php'); require_once('include/security.php');
require_once('include/datetime.php'); require_once('include/datetime.php');
@ -19,7 +22,10 @@ if (isset($_COOKIE["Friendica"])) {
} }
// Renew the cookie // Renew the cookie
new_cookie(604800, $r[0]); // Expires after 7 days by default,
// can be set via system.auth_cookie_lifetime
$authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
new_cookie($authcookiedays*24*60*60, $r[0]);
// Do the authentification if not done by now // Do the authentification if not done by now
if (!isset($_SESSION) OR !isset($_SESSION['authenticated'])) { if (!isset($_SESSION) OR !isset($_SESSION['authenticated'])) {

View file

@ -99,3 +99,6 @@ $a->config['system']['no_regfullname'] = true;
// Location of the global directory // Location of the global directory
$a->config['system']['directory'] = 'http://dir.friendi.ca'; $a->config['system']['directory'] = 'http://dir.friendi.ca';
// Authentication cookie lifetime, in days
$a->config['system']['auth_cookie_lifetime'] = 7;