Browse Source

Merge pull request #3373 from strk/expire-login-later

Make log-in cookie expiration time configurable
pull/3377/head
Hypolite Petovan 5 years ago committed by GitHub
parent
commit
27b3943cc7
  1. 1
      doc/htconfig.md
  2. 3
      htconfig.php
  3. 8
      include/auth.php
  4. 3
      view/templates/htconfig.tpl

1
doc/htconfig.md

@ -25,6 +25,7 @@ Example: To set the directory value please add this line to your .htconfig.php:
* **allowed_link_protocols** (Array) - Allowed protocols in links URLs, add at your own risk. http is always allowed.
* **birthday_input_format** - Default value is "ymd".
* **block_local_dir** (Boolean) - Blocks the access to the directory of the local users.
* **auth_cookie_lifetime** (Integer) - Number of days that should pass without any activity from a before before the users who choosed "Remember me" when logging in from that browser is considered logged out. Defaults to 7.
* **curl_range_bytes** - Maximum number of bytes that should be fetched. Default is 0, which mean "no limit".
* **db_log** - Name of a logfile to log slow database queries
* **db_loglimit** - If a database call lasts longer than this value it is logged

3
htconfig.php

@ -91,3 +91,6 @@ $a->config['system']['directory'] = 'https://dir.friendica.social';
// Allowed protocols in link URLs; HTTP protocols always are accepted
$a->config['system']['allowed_link_protocols'] = array('ftp', 'ftps', 'mailto', 'cid', 'gopher');
// Authentication cookie lifetime, in days
$a->config['system']['auth_cookie_lifetime'] = 7;

8
include/auth.php

@ -1,4 +1,7 @@
<?php
use \Friendica\Core\Config;
require_once('include/security.php');
require_once('include/datetime.php');
@ -19,7 +22,10 @@ if (isset($_COOKIE["Friendica"])) {
}
// Renew the cookie
new_cookie(604800, $r[0]);
// Expires after 7 days by default,
// can be set via system.auth_cookie_lifetime
$authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
new_cookie($authcookiedays*24*60*60, $r[0]);
// Do the authentification if not done by now
if (!isset($_SESSION) OR !isset($_SESSION['authenticated'])) {

3
view/templates/htconfig.tpl

@ -99,3 +99,6 @@ $a->config['system']['no_regfullname'] = true;
// Location of the global directory
$a->config['system']['directory'] = 'http://dir.friendi.ca';
// Authentication cookie lifetime, in days
$a->config['system']['auth_cookie_lifetime'] = 7;

Loading…
Cancel
Save