Make the lifetime of the remember login cookie

2012-09-05 17:33:15 +02:00 · 2012-09-05 17:33:15 +02:00 · 4b799a6982
parent 7f3e0b5566
commit 4b799a6982
3 changed files with 9 additions and 5 deletions
--- a/config/config.sample.php
+++ b/config/config.sample.php
@ -86,6 +86,9 @@ $CONFIG = array(
 /* Loglevel to start logging at. 0=DEBUG, 1=INFO, 2=WARN, 3=ERROR (default is WARN) */
 "loglevel" => "",

+/* Lifetime of the remember login cookie, default is 15 days */
+"remember_login_cookie_lifetime" => 60*60*24*15,
+
 /* The directory where the user data is stored, default to data in the owncloud
 * directory. The sqlite database is also stored here, when sqlite is used.
 */
@ -104,4 +107,4 @@ $CONFIG = array(
 		'writable' => true,
  ),
 ),
-);
+);
--- a/lib/base.php
+++ b/lib/base.php
@ -512,7 +512,7 @@ class OC{
 	}

 	protected static function cleanupLoginTokens($user) {
-		$cutoff = time() - 60*60*24*15;
+		$cutoff = time() - OC_Config::getValue('remember_login_cookie_lifetime', 60*60*24*15);
 		$tokens = OC_Preferences::getKeys($_COOKIE['oc_username'], 'login_token');
 		foreach($tokens as $token) {
 			$time = OC_Preferences::getValue($user, 'login_token', $token);
--- a/lib/user.php
+++ b/lib/user.php
@ -472,9 +472,10 @@ class OC_User {
 	 */
 	public static function setMagicInCookie($username, $token) {
 		$secure_cookie = OC_Config::getValue("forcessl", false);
-		setcookie("oc_username", $username, time()+60*60*24*15, '', '', $secure_cookie);
-		setcookie("oc_token", $token, time()+60*60*24*15, '', '', $secure_cookie);
-		setcookie("oc_remember_login", true, time()+60*60*24*15, '', '', $secure_cookie);
+		$expires = time() + OC_Config::getValue('remember_login_cookie_lifetime', 60*60*24*15);
+		setcookie("oc_username", $username, $expires, '', '', $secure_cookie);
+		setcookie("oc_token", $token, $expires, '', '', $secure_cookie);
+		setcookie("oc_remember_login", true, $expires, '', '', $secure_cookie);
 	}

 	/**