diff --git a/app/Config/Aauth.php b/app/Config/Aauth.php
index f7106f3..3436f1f 100644
--- a/app/Config/Aauth.php
+++ b/app/Config/Aauth.php
@@ -48,6 +48,7 @@ class Aauth extends BaseConfig
 |
 | Link for verification without site_url or base_url
 | (default: '/account/verification/index')
+ |
 | 'linkVerification'
 |
 | Redirect path to TOTP Verification page
@@ -113,11 +114,6 @@ class Aauth extends BaseConfig
 | Login Variables
 |--------------------------------------------------------------------------
 |
- | 'loginUseUsername'
- |
- | Login Identificator, if TRUE username needed to login else email address
- | (default: false)
- |
 | 'loginRemember'
 |
 | Remember time (in relative format) elapsed after connecting and automatic
@@ -126,6 +122,21 @@ class Aauth extends BaseConfig
 | http://php.net/manual/de/datetime.formats.relative.php
 | (default: '+14 days')
 |
+ | 'loginRememberCookie'
+ |
+ | Remember cookie name.
+ | (default: 'remember')
+ |
+ | 'loginSingleMode'
+ |
+ | Login Single Mode, if true only one session per user can be active.
+ | (default: false)
+ |
+ | 'loginUseUsername'
+ |
+ | Login Identificator, if TRUE username needed to login else email address
+ | (default: false)
+ |
 | 'loginProtection'
 |
 | Enables the DDoS Protection, user will be banned temporary when he exceed the login 'try'
@@ -136,6 +147,11 @@ class Aauth extends BaseConfig
 | Login attempts limit
 | (default: 10)
 |
+ | 'loginAttemptCookie'
+ |
+ | Login attempts count & block trough Cookie instead of Login Attempt DB & IP
+ | (default: false)
+ |
 | 'loginAttemptLimitTimePeriod'
 |
 | Period of time for max login attempts
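Review bot: The new `loginAttemptCookie` comment block in app/Config/Aauth.php (the -136 hunk) documents counting and blocking login attempts through a cookie without saying that the counter then lives entirely on the client. A client that discards or never returns the cookie starts from zero each time, so with the option set to true `loginAttemptLimit` would no longer bound password guessing the way the DB-and-IP counter does. I would add a line to the block such as `| Weaker than DB & IP tracking: the client controls the cookie, do not rely on it as brute-force protection`, and correct `trough` to `through` in the same place. How the option is enforced is not visible in this diff, so the wording should be checked against the library code.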
@@ -147,9 +163,12 @@ class Aauth extends BaseConfig
 | (default: true)
 */
 public $loginRemember = '+14 days';
+ public $loginRememberCookie = 'remember';
+ public $loginSingleMode = false;
 public $loginUseUsername = false;
 public $loginProtection = true;
 public $loginAttemptLimit = 10;
+ public $loginAttemptCookie = false;
 public $loginAttemptLimitTimePeriod = '5 minutes';
 public $loginAttemptRemoveSuccessful = true;
diff --git a/app/Libraries/Aauth.php b/app/Libraries/Aauth.php
index 03fe7e1..4f49a98 100644
--- a/app/Libraries/Aauth.php
+++ b/app/Libraries/Aauth.php
@@ -135,7 +135,7 @@ class Aauth
 public function login(string $identifier, string $password, bool $remember = null, string $totpCode = null)
 {
 helper('cookie');
- delete_cookie('remember');
+ delete_cookie($this->config->loginRememberCookie);
 $userModel = new UserModel();
 $loginAttemptModel = new LoginAttemptModel();
@@ -276,7 +276,7 @@ class Aauth
 $randomString = random_string('alnum', 32);
 $selectorString = random_string('alnum', 16);
- $cookieData['name'] = 'remember';
+ $cookieData['name'] = $this->config->loginRememberCookie;
 $cookieData['value'] = $userId . ';' . $randomString . ';' . $selectorString;
 $cookieData['expire'] = YEAR;
@@ -316,7 +316,7 @@ class Aauth
 public function logout()
 {
 helper('cookie');
- set_cookie('remember', '', -3600);
+ set_cookie($this->config->loginRememberCookie, '', -3600);
 $this->session->remove('user');
 @$this->session->destroy();
 }
@@ -371,7 +371,7 @@ class Aauth
 {
 return true;
 }
- else if ($cookie = get_cookie('remember'))
+ else if ($cookie = get_cookie($this->config->loginRememberCookie))
 {
 $cookie = explode(';', $cookie);
 $cookie[0] = base64_decode($cookie[0]);
@@ -398,7 +398,7 @@ class Aauth
 else
 {
 $loginTokenModel->deleteExpired($cookie[0]);
- delete_cookie('remember');
+ delete_cookie($this->config->loginRememberCookie);
 }
 }
 }
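Review bot: `$loginSingleMode` and `$loginAttemptCookie` are added to app/Config/Aauth.php in the -147 hunk, but none of the app/Libraries/Aauth.php hunks in this diff reads either of them; only `loginRememberCookie` is wired in. Unless the enforcement lives in code outside these hunks, an operator who sets `$loginSingleMode = true` gets no session limit while the configuration says otherwise. Either land the library side in the same commit or mark both entries in the comment block with a line such as `| (not yet implemented)`.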
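Review bot: In the -276 hunk of app/Libraries/Aauth.php the remember cookie still carries `random_string('alnum', 32)` and `random_string('alnum', 16)` as its secret parts, and the commit keeps that while making the cookie name configurable. Assuming this is CodeIgniter's text helper, older CodeIgniter 4 releases build the `alnum` type by shuffling a character pool rather than drawing from a CSPRNG, which is weak for a long-lived login token. `random_string('crypto', 32)` or `bin2hex(random_bytes(16))` would make the token strength independent of the framework version. The enclosing function starts and ends outside the hunk, so whether the cookie is also marked httponly and secure could not be checked here.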
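Review bot: `logout()` in app/Libraries/Aauth.php, fully visible in the -316 hunk, expires the browser copy of the remember cookie and destroys the session but never removes the stored login token. A cookie value copied before logout would therefore presumably still be accepted by the cookie branch in the -371 hunk until the token expires on its own. Logout should also delete the user's rows through the login token model before `$this->session->remove('user')`; the model's delete method is not visible in this diff, so no call is quoted here. As a style point, this is the one place that uses `set_cookie(..., '', -3600)` where the other hunks use `delete_cookie($this->config->loginRememberCookie)`.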
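Review bot: The value returned by `get_cookie($this->config->loginRememberCookie)` in the -371 hunk is client-supplied, yet it is split and `$cookie[0]` is base64-decoded with no shape check in the visible lines. A value with fewer than three `;`-separated fields, or with characters outside the base64 alphabet, should be rejected before it reaches the token lookup: a guard on `count($cookie) !== 3` routed to the cleanup branch, and `base64_decode($cookie[0], true)` with a `=== false` check. The rest of the branch lies outside the hunk, so this may already be handled there; the comparison of the random part against the stored token should use `hash_equals()` if it does not already.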