<?php
+/**
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
namespace Friendica\Model\User;
use Friendica\App;
-use Friendica\Core\Config\Configuration;
+use Friendica\Core\Config\IConfig;
/**
* Interacting with the Friendica Cookie of a user
const DEFAULT_EXPIRE = 7;
/** @var string The name of the Friendica cookie */
const NAME = 'Friendica';
+ /** @var string The path of the Friendica cookie */
+ const PATH = '/';
+ /** @var string The domain name of the Friendica cookie */
+ const DOMAIN = '';
+ /** @var bool True, if the cookie should only be accessible through HTTP */
+ const HTTPONLY = true;
/** @var string The remote address of this node */
private $remoteAddr = '0.0.0.0';
/** @var array The $_COOKIE array */
private $cookie;
- public function __construct(Configuration $config, array $server = [], array $cookie = [])
+ public function __construct(IConfig $config, App\BaseURL $baseURL, array $server = [], array $cookie = [])
{
if (!empty($server['REMOTE_ADDR'])) {
$this->remoteAddr = $server['REMOTE_ADDR'];
}
- $this->sslEnabled = $config->get('system', 'ssl_policy') === App\BaseURL::SSL_POLICY_FULL;
+ $this->sslEnabled = $baseURL->getSSLPolicy() === App\BaseURL::SSL_POLICY_FULL;
$this->sitePrivateKey = $config->get('system', 'site_prvkey');
$authCookieDays = $config->get('system', 'auth_cookie_lifetime',
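Review bot: The Secure flag for the authentication cookie is still decided only by the strict comparison `$baseURL->getSSLPolicy() === App\BaseURL::SSL_POLICY_FULL`, so under any other policy value the cookie is issued without Secure, whatever scheme the request used. If that is intended for nodes that serve both schemes, say so above the assignment, for example `// Secure only when HTTPS is enforced node-wide; otherwise the cookie may also be sent over plain HTTP`. The constructor body continues past the end of this hunk, so a later adjustment of `$this->sslEnabled` would not be visible here.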
/**
* Set the Friendica cookie for a user
*
- * @param int $uid The user id
- * @param string $password The user password
- * @param string $privateKey The user private key
- * @param int|null $seconds optional the seconds
+ * @param int $uid The user id
+ * @param string $password The user password
+ * @param string $privateKey The user private key
+ * @param int|null $seconds optional the seconds
*
* @return bool
*/
public function set(int $uid, string $password, string $privateKey, int $seconds = null)
{
if (!isset($seconds)) {
- $seconds = $this->lifetime;
+ $seconds = $this->lifetime + time();
} elseif (isset($seconds) && $seconds != 0) {
$seconds = $seconds + time();
}
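Review bot: The docblock for `$seconds` still reads "optional the seconds", although the branch below distinguishes three cases: null, zero and a non-zero lifetime. I would document them with `@param int|null $seconds Lifetime in seconds from now; null uses the configured default lifetime, 0 yields a session cookie`, since a caller cannot otherwise tell that 0 and null behave differently. In the same branch, `elseif (isset($seconds) && $seconds != 0)` can be reduced to `elseif ($seconds !== 0)`, because the failed first test already implies the `isset` and the parameter is typed `int`. The body of `set()` continues outside the hunk.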
'ip' => $this->remoteAddr,
]);
- return $this->setCookie(self::NAME, $value, $seconds,
- '/', '', $this->sslEnabled, true);
+ return $this->setCookie(self::NAME, $value, $seconds, $this->sslEnabled);
}
/**
public function clear()
{
// make sure cookie is deleted on browser close, as a security measure
- return $this->setCookie(self::NAME, '', -3600,
- '/', '', $this->sslEnabled, true);
+ return $this->setCookie(self::NAME, '', -3600, $this->sslEnabled);
}
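Review bot: The comment in `clear()` says the cookie is deleted on browser close, but the call passes `-3600` as the expiry, which is a timestamp in the past and tells the browser to drop the cookie at once. The comment should describe that, e.g. `// expire the cookie in the past so the browser removes it immediately`. The docblock of `clear()` is cut off by the hunk boundary.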
/**
* @link https://php.net/manual/en/function.setcookie.php
*
* @param string $name
- * @param string $value [optional]
- * @param int $expire [optional]
- * @param string $path [optional]
- * @param string $domain [optional]
- * @param bool $secure [optional]
- * @param bool $httponly [optional] <p>
+ * @param string $value [optional]
+ * @param int $expire [optional]
+ * @param bool $secure [optional]
*
* @return bool If output exists prior to calling this function,
*
- * @since 4.0
- * @since 5.0
*/
protected function setCookie(string $name, string $value = null, int $expire = null,
- string $path = null, string $domain = null,
- bool $secure = null, bool $httponly = null)
+ bool $secure = null)
{
- return setcookie($name, $value, $expire, $path, $domain, $secure, $httponly);
+ return setcookie($name, $value, $expire, self::PATH, self::DOMAIN, $secure, self::HTTPONLY);
}
}
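Review bot: `setCookie()` now fixes path, domain and HttpOnly in one place but still sends the authentication cookie without a SameSite attribute, so browsers fall back to their own default for cross-site requests; this also covers the calls from `set()` and `clear()`. If the minimum supported PHP version is 7.3 or later, the options-array form allows it: `return setcookie($name, $value, ['expires' => $expire, 'path' => self::PATH, 'domain' => self::DOMAIN, 'secure' => $secure, 'httponly' => self::HTTPONLY, 'samesite' => 'Lax']);`. Whether `Lax` is compatible with any cross-site flow that relies on this cookie needs to be confirmed before adopting it. The remaining docblock line `@return bool If output exists prior to calling this function,` is cut off mid-sentence and should be completed or shortened.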