summaryrefslogtreecommitdiffstats
path: root/Http/RememberMe/TokenBasedRememberMeServices.php
diff options
context:
space:
mode:
Diffstat (limited to 'Http/RememberMe/TokenBasedRememberMeServices.php')
-rw-r--r--Http/RememberMe/TokenBasedRememberMeServices.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/Http/RememberMe/TokenBasedRememberMeServices.php b/Http/RememberMe/TokenBasedRememberMeServices.php
index 1aea5fd..d68ada5 100644
--- a/Http/RememberMe/TokenBasedRememberMeServices.php
+++ b/Http/RememberMe/TokenBasedRememberMeServices.php
@@ -54,7 +54,7 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', get_class($user)));
}
- if (!StringUtils::equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
+ if (true !== StringUtils::equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
throw new AuthenticationException('The cookie\'s hash is invalid.');
}
@@ -121,6 +121,6 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
*/
protected function generateCookieHash($class, $username, $expires, $password)
{
- return hash('sha256', $class.$username.$expires.$password.$this->getKey());
+ return hash_hmac('sha256', $class.$username.$expires.$password, $this->getKey());
}
}
generated by cgit v1.1 at 2025-05-17 03:58:30 +0000