mirror/php-auth
1
0
Fork 0
mirror of https://github.com/delight-im/PHP-Auth.git synced 2025-08-06 16:16:29 +02:00
Code Issues Releases Wiki Activity

Increase entropy in tokens for remember directives

Browse Source
This commit is contained in:
Marco
2016-12-04 16:52:18 +01:00
parent ac95be3714
commit 5e331924f6
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Auth.php
View File

@@ -369,7 +369,7 @@ class Auth {
*/ */
private function createRememberDirective($userId) { private function createRememberDirective($userId) {
$selector = self::createRandomString(24); $selector = self::createRandomString(24);
$token = self::createRandomString(24); $token = self::createRandomString(32);
$tokenHashed = password_hash($token, PASSWORD_DEFAULT); $tokenHashed = password_hash($token, PASSWORD_DEFAULT);
$expires = time() + 3600 * 24 * 28; $expires = time() + 3600 * 24 * 28;