diegods/homelabdspbx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add remember token to user log array instead of update query (#7782)

Browse Source 
* Add remember token to user log array instead of update query

* Update user_logs.php
This commit is contained in:
Alex
2026-03-11 22:43:59 +00:00
committed by GitHub
parent 93fd95bf9a
commit bb5240a1cc
2 changed files with 6 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/authentication/resources/classes/authentication.php
+3 -22
View File
@@ -350,29 +350,10 @@ class authentication {
$validator = generate_password(32);
$hashed_validator = password_hash($validator, PASSWORD_DEFAULT);
$token = $selector.':'.$validator;
$remote_address = $_SERVER['REMOTE_ADDR'] ?? '';
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
//save token to the user logs
$sql = "update v_user_logs ";
$sql .= "set remember_selector = :remember_selector, ";
$sql .= "remember_validator = :remember_validator ";
$sql .= "where user_log_uuid = ( ";
$sql .= " select user_log_uuid FROM v_user_logs ";
$sql .= " where result = 'success' ";
$sql .= " and remote_address = :remote_address ";
$sql .= " and user_agent = :user_agent ";
$sql .= " and user_uuid = :user_uuid ";
$sql .= " and timestamp > NOW() - INTERVAL '7 days' ";
$sql .= " order by timestamp desc limit 1 ";
$sql .= ") ";
$parameters['remember_selector'] = $selector;
$parameters['remember_validator'] = $hashed_validator;
$parameters['remote_address'] = $remote_address;
$parameters['user_agent'] = $user_agent;
$parameters['user_uuid'] = $user['user_uuid'];
$this->database->execute($sql, $parameters);
unset($sql, $parameters);
//save token to the user log array
$_SESSION['authentication']['plugin'][$name]['remember_selector'] = $selector;
$_SESSION['authentication']['plugin'][$name]['remember_validator'] = $hashed_validator;
//set the cookie
setcookie('remember', $token, [
core/user_logs/resources/classes/user_logs.php
+2
View File
@@ -113,6 +113,8 @@ class user_logs {
$array['user_logs'][0]["remote_address"] = $_SERVER['REMOTE_ADDR'];
$array['user_logs'][0]["user_agent"] = $_SERVER['HTTP_USER_AGENT'];
$array['user_logs'][0]["session_id"] = session_id();
$array['user_logs'][0]["remember_selector"] = $result['remember_selector'] ?? '';
$array['user_logs'][0]["remember_validator"] = $result['remember_validator'] ?? '';
if ($result["authorized"]) {
$array['user_logs'][0]["result"] = 'success';
} else {