From 05b6891e89c52f325aaa910f853938b39bf8129e Mon Sep 17 00:00:00 2001 From: Sandro Santilli Date: Fri, 21 Apr 2017 16:15:39 +0200 Subject: [PATCH] Allow specifying cookie lifetime via config variable Tweak $a->config['system']['auth_cookie_lifetime'] --- htconfig.php | 3 +++ include/auth.php | 6 ++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/htconfig.php b/htconfig.php index 4ea97e9aeb..08beb0b50e 100644 --- a/htconfig.php +++ b/htconfig.php @@ -91,3 +91,6 @@ $a->config['system']['directory'] = 'https://dir.friendica.social'; // Allowed protocols in link URLs; HTTP protocols always are accepted $a->config['system']['allowed_link_protocols'] = array('ftp', 'ftps', 'mailto', 'cid', 'gopher'); + +// Authentication cookie lifetime, in days +$a->config['system']['auth_cookie_lifetime'] = 7 diff --git a/include/auth.php b/include/auth.php index 636b5b153a..2258128c5d 100644 --- a/include/auth.php +++ b/include/auth.php @@ -19,8 +19,10 @@ if (isset($_COOKIE["Friendica"])) { } // Renew the cookie - // Expires after 90 days - TODO: use a configuration variable - new_cookie(90*24*60*60, $r[0]); + // Expires after 7 days by default, + // can be set via system.auth_cookie_lifetime + $authcookiedays = get_config('system','auth_cookie_lifetime') || 7; + new_cookie($authcookiedays*24*60*60, $r[0]); // Do the authentification if not done by now if (!isset($_SESSION) OR !isset($_SESSION['authenticated'])) {