Add options to control autologin cookie lifetime and refresh function

Kijin Sung 2023-08-29 23:42:01 +09:00
parent 87300c9944
commit 4af7354bf0
7 changed files with 24 additions and 2 deletions


@ -32,6 +32,8 @@ class Security extends Base
Context::set('remote_addr', RX_CLIENT_IP);
// Session and cookie security settings
Context::set('autologin_lifetime', Config::get('session.autologin_lifetime') ?: 365);
Context::set('autologin_refresh', Config::get('session.autologin_refresh') ?? true);
Context::set('use_httponly', Config::get('session.httponly'));
Context::set('use_samesite', Config::get('session.samesite'));
Context::set('use_session_ssl', Config::get('session.use_ssl'));
@ -127,6 +129,8 @@ class Security extends Base
Config::set('admin.allow', array_values($allowed_ip));
Config::set('admin.deny', array_values($denied_ip));
Config::set('session.autologin_lifetime', max(1, min(400, intval($vars->autologin_lifetime))));
Config::set('session.autologin_refresh', ($vars->autologin_refresh ?? 'N') === 'Y');
Config::set('session.httponly', $vars->use_httponly === 'Y');
Config::set('session.samesite', $vars->use_samesite);
Config::set('session.use_ssl', $vars->use_session_ssl === 'Y');
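Review bot: In the save path, `intval($vars->autologin_lifetime)` turns a missing or non-numeric field into 0, which `max(1, …)` then stores as 1 day, while the read path in the first hunk falls back to 365 when nothing is configured. The neighbouring refresh line already guards a missing field with `?? 'N'`; the lifetime line could do the same with `intval($vars->autologin_lifetime ?? 365)`, so that a form which omits the field does not silently store a 1-day lifetime. Separately, if `autologin_refresh` controls rotation of the autologin token on use (not visible here), then turning it off with a lifetime of up to 400 days leaves a copied cookie valid for the whole period. A comment above the two new `Config::set` lines would record that trade-off, for example `// Disabling refresh keeps the same autologin token until it expires; prefer a short lifetime in that case.` Both enclosing methods start and end outside the hunks.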