updated Aauth Config

- added `loginRememberCookie` incl. changed in Aauth Library - added `loginSingleMode` - moved `loginUseUsername` after `loginSingleMode` - added `loginAttemptCookie`
6 years ago · 0af911c555
2 changed files with 29 additions and 10 deletions
--- a/app/Config/Aauth.php
+++ b/app/Config/Aauth.php
@ -48,6 +48,7 @@ class Aauth extends BaseConfig
 	|
 	|	Link for verification without site_url or base_url
 	|	(default: '/account/verification/index')
 	|
 	| 'linkVerification'
 	|
 	|	Redirect path to TOTP Verification page
@ -113,11 +114,6 @@ class Aauth extends BaseConfig
 	| Login Variables
 	|--------------------------------------------------------------------------
 	|
 	| 'loginUseUsername'
 	|
 	|	Login Identificator, if TRUE username needed to login else email address
 	|	(default: false)
 	|
 	| 'loginRemember'
 	|
 	|	Remember time (in relative format) elapsed after connecting and automatic
@ -126,6 +122,21 @@ class Aauth extends BaseConfig
 	|	http://php.net/manual/de/datetime.formats.relative.php
 	|	(default: '+14 days')
 	|
 	| 'loginRememberCookie'
 	|
 	|	Remember cookie name.
 	|	(default: 'remember')
 	|
 	| 'loginSingleMode'
 	|
 	|	Login Single Mode, if true only one session per user can be active.
 	|	(default: false)
 	|
 	| 'loginUseUsername'
 	|
 	|	Login Identificator, if TRUE username needed to login else email address
 	|	(default: false)
 	|
 	| 'loginProtection'
 	|
 	|	Enables the DDoS Protection, user will be banned temporary when he exceed the login 'try'
@ -136,6 +147,11 @@ class Aauth extends BaseConfig
 	|	Login attempts limit
 	|	(default: 10)
 	|
 	| 'loginAttemptCookie'
 	|
 	|	Login attempts count & block trough Cookie instead of Login Attempt DB & IP
 	|	(default: false)
 	|
 	| 'loginAttemptLimitTimePeriod'
 	|
 	|	Period of time for max login attempts
@ -147,9 +163,12 @@ class Aauth extends BaseConfig
 	|	(default: true)
 	*/
 	public $loginRemember                = '+14 days';
 	public $loginRememberCookie          = 'remember';
 	public $loginSingleMode              = false;
 	public $loginUseUsername             = false;
 	public $loginProtection              = true;
 	public $loginAttemptLimit            = 10;
 	public $loginAttemptCookie           = false;
 	public $loginAttemptLimitTimePeriod  = '5 minutes';
 	public $loginAttemptRemoveSuccessful = true;
--- a/app/Libraries/Aauth.php
+++ b/app/Libraries/Aauth.php
@ -135,7 +135,7 @@ class Aauth
 	public function login(string $identifier, string $password, bool $remember = null, string $totpCode = null)
 	{
 		helper('cookie');
-		delete_cookie('remember');
+		delete_cookie($this->config->loginRememberCookie);
 		$userModel         = new UserModel();
 		$loginAttemptModel = new LoginAttemptModel();
@ -276,7 +276,7 @@ class Aauth
 				$randomString    = random_string('alnum', 32);
 				$selectorString  = random_string('alnum', 16);
-				$cookieData['name']   = 'remember';
+				$cookieData['name']   = $this->config->loginRememberCookie;
 				$cookieData['value']  = $userId . ';' . $randomString . ';' . $selectorString;
 				$cookieData['expire'] = YEAR;
@ -316,7 +316,7 @@ class Aauth
 	public function logout()
 	{
 		helper('cookie');
-		set_cookie('remember', '', -3600);
+		set_cookie($this->config->loginRememberCookie, '', -3600);
 		$this->session->remove('user');
 		@$this->session->destroy();
 	}
@ -371,7 +371,7 @@ class Aauth
 		{
 			return true;
 		}
-		else if ($cookie = get_cookie('remember'))
+		else if ($cookie = get_cookie($this->config->loginRememberCookie))
 		{
 			$cookie    = explode(';', $cookie);
 			$cookie[0] = base64_decode($cookie[0]);
@ -398,7 +398,7 @@ class Aauth
 						else
 						{
 							$loginTokenModel->deleteExpired($cookie[0]);
-							delete_cookie('remember');
+							delete_cookie($this->config->loginRememberCookie);
 						}
 					}
 				}