Merge remote-tracking branch 'upstream/develop' into 1706-ostatus-attach

[friendica.git] / include / auth.php

diff --git a/include/auth.php b/include/auth.php
index 8512abe4866cf7a7a62a8d94100e994711b33795..d301f870556d5f79094bf5f7fdab06d1c34d6c89 100644 (file)
--- a/include/auth.php
+++ b/include/auth.php
@@ -1,4 +1,8 @@
 <?php
+
+use Friendica\App;
+use Friendica\Core\Config;
+
 require_once('include/security.php');
 require_once('include/datetime.php');
 
@@ -19,10 +23,13 @@ if (isset($_COOKIE["Friendica"])) {
                        }
 
                        // Renew the cookie
-                       new_cookie(604800, $r[0]);
+                       // Expires after 7 days by default,
+                       // can be set via system.auth_cookie_lifetime
+                       $authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
+                       new_cookie($authcookiedays*24*60*60, $r[0]);
 
                        // Do the authentification if not done by now
-                       if (!isset($_SESSION) OR !isset($_SESSION['authenticated'])) {
+                       if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
                                authenticate_success($r[0]);
 
                                if (get_config('system','paranoia'))
@@ -179,7 +186,7 @@ if (isset($_SESSION) && x($_SESSION,'authenticated') && (!x($_POST,'auth-params'
                        goaway(z_root());
                }
 
-               if ( ! $_POST['remember']) {
+               if (! $_POST['remember']) {
                        new_cookie(0); // 0 means delete on browser exit
                }