🔧 Made login tokens time based
anditv21 committed Dec 8, 2023
1 parent 7abbe03 commit 5c6f0c0
Showing 2 changed files with 30 additions and 23 deletions.
28 changes: 6 additions & 22 deletions DB.sql
Expand Up @@ -3,7 +3,7 @@
-- https://www.phpmyadmin.net/
--
-- Host: localhost:3306
-- Generation Time: Nov 08, 2023 at 08:23 AM
-- Generation Time: Dec 08, 2023 at 04:54 AM
-- Server version: 10.5.21-MariaDB-0+deb11u1
-- PHP Version: 7.4.33

Expand Down Expand Up @@ -88,16 +88,10 @@ CREATE TABLE `login` (
`browser` varchar(255) NOT NULL,
`os` varchar(255) NOT NULL,
`time` varchar(255) NOT NULL,
`note` varchar(255) NOT NULL
`note` varchar(255) NOT NULL,
`createdAt` date NOT NULL DEFAULT current_timestamp()
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;

--
-- Dumping data for table `login`
--

INSERT INTO `login` (`id`, `username`, `remembertoken`, `ip`, `browser`, `os`, `time`, `note`) VALUES
(60, 'admin', '2c518139ab60d878430c0f35c85cc493', 'localhost', 'Google Chrome', 'Windows 10', 'November 08 th, 9:17', 'none');

-- --------------------------------------------------------

--
Expand Down Expand Up @@ -177,16 +171,6 @@ CREATE TABLE `userlogs` (
`time` varchar(255) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;

--
-- Dumping data for table `userlogs`
--

INSERT INTO `userlogs` (`id`, `username`, `action`, `browser`, `os`, `ip`, `time`) VALUES
(278, 'admin2', 'Flushed all logs', 'Chrome', 'Windows 10', 'localhost', 'August 12 th, 22:46'),
(473, 'admin', 'Flushed all logs', 'Google Chrome', 'Windows 10', 'localhost', 'November 07 th, 8:29'),
(474, 'admin', 'Logged in via cookie', 'Google Chrome', 'Windows 10', 'localhost', 'November 08 th, 9:17'),
(475, 'admin', 'Login', 'Google Chrome', 'Windows 10', 'localhost', 'November 08 th, 9:17');

-- --------------------------------------------------------

--
Expand Down Expand Up @@ -227,7 +211,7 @@ CREATE TABLE `users` (
--

INSERT INTO `users` (`uid`, `username`, `displayname`, `password`, `hwid`, `admin`, `supp`, `sub`, `username_change`, `frozen`, `banned`, `invitedBy`, `createdAt`, `lastIP`, `currentLogin`, `lastLogin`, `banreason`, `resetcount`, `lastreset`, `invites`, `invitescount`, `discord_access_token`, `discord_refresh_token`, `dcid`, `muted`, `loginfails`) VALUES
(1, 'admin', 'andi_arbeit', '$2y$10$7wOzYc.AXpXc1nE/b0IqLOsP2w1cK9LZXDUi6hoSyuWBDj3DoBjOK', NULL, 1, 1, '2023-06-01', NULL, 0, 0, '', '2022-07-05 22:04:37', 'localhost', '2023-11-08 09:17:08', '2023-11-07 08:23:04', 'none', 13, '2023-07-30', 26, 0, NULL, NULL, NULL, 0, 0),
(1, 'admin', 'andi_arbeit', '$2y$10$7wOzYc.AXpXc1nE/b0IqLOsP2w1cK9LZXDUi6hoSyuWBDj3DoBjOK', NULL, 1, 1, '2023-06-01', NULL, 0, 0, '', '2022-07-05 22:04:37', 'localhost', '2023-12-08 05:42:01', '2023-11-08 09:17:08', 'none', 13, '2023-07-30', 26, 0, NULL, NULL, NULL, 0, 0),
(2, 'admin2', NULL, '$argon2i$v=19$m=65536,t=4,p=1$dUNwRW5vNkJ1S1FubGJjRg$0hKtX7rVveuPpCeatmqb2iX55kEo/qBERXkZkiGGJ8E', NULL, 0, 0, '2089-04-28', NULL, 0, 0, 'System', '2023-07-01 14:06:00', 'localhost', '2023-08-13 12:49:39', '2023-08-12 22:49:20', 'none', 0, NULL, 15, 0, NULL, NULL, NULL, 0, 0);

--
Expand Down Expand Up @@ -308,7 +292,7 @@ ALTER TABLE `adminlogs`
-- AUTO_INCREMENT for table `login`
--
ALTER TABLE `login`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=61;
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=62;

--
-- AUTO_INCREMENT for table `shoutbox`
Expand All @@ -320,7 +304,7 @@ ALTER TABLE `shoutbox`
-- AUTO_INCREMENT for table `userlogs`
--
ALTER TABLE `userlogs`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=476;
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=478;

--
-- AUTO_INCREMENT for table `users`
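Review bot: The `users` INSERT on the new side still seeds uid 1 `admin` with `admin` = 1 and a fixed bcrypt hash, so every deployment created from this dump starts with the same administrator credential, and its hash is public in the repository. This commit drops the `login` and `userlogs` rows but keeps that seed data; I would ship the schema without account rows, or require the password to be set at install time. The remember token deleted from the `login` dump remains in the repository history, so it should be treated as disclosed and must not be valid on any live instance. On the schema change, `createdAt` is declared `date` with `DEFAULT current_timestamp()`, which keeps only the day; a comment such as `-- day granularity; used for the 30-day remember-token expiry` would record that this is intended, and a `datetime` column would allow a precise lifetime.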
25 changes: 24 additions & 1 deletion src/app/models/UtilModel.php
Expand Up @@ -50,10 +50,32 @@ protected function validateRememberToken($token)
$this->prepare('SELECT * FROM login WHERE remembertoken = ?');
$this->statement->execute([$token]);
$result = $this->statement->fetch();

if ($result) {
$createdAt = strtotime($result->createdAt);
$currentDate = strtotime(date('Y-m-d'));

$dateDifference = ($currentDate - $createdAt) / (60 * 60 * 24); // in days

if ($dateDifference > 30) {

// Delete entry from the database
$this->prepare('DELETE FROM login WHERE remembertoken = ?');
$this->statement->execute([$token]);

// Perform logout actions
setcookie("login_cookie", "", time() - 3600, '/');
session_unset();
$_SESSION = [];
$_SESSION = array();
session_destroy();

Util::redirect("/auth/login.php");
}

return true;
} else {
// Token not found, perform logout actions
setcookie("login_cookie", "", time() - 3600, '/');
session_unset();
$_SESSION = [];
Expand All @@ -62,4 +84,5 @@ protected function validateRememberToken($token)
Util::redirect("/auth/login.php");
}
}

}
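Review bot: In the expired-token branch nothing stops execution after `Util::redirect("/auth/login.php");`, so unless that helper exits (its body is not visible here) control falls through to `return true;` and a token older than 30 days is still reported as valid. I would end that branch explicitly with `return false;` directly after the redirect. The age is also derived from `date('Y-m-d')` in PHP while `createdAt` is filled in by the database, so both clocks and time zones have to agree; filtering in the query with `AND createdAt >= CURDATE() - INTERVAL 30 DAY` would avoid that dependency. `$_SESSION = array();` directly after `$_SESSION = [];` is redundant, and the logout sequence is now duplicated in both branches. The function starts above the hunk, so the code that reads the cookie and calls this method was not reviewed.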
