Update Pages\Auth for auto calc {hash}

2021-03-07 16:28:07 +07:00 · 2021-03-07 16:28:07 +07:00 · c0809de7fd
commit c0809de7fd
parent f743dd7317
1 changed files with 3 additions and 3 deletions
--- a/app/Models/Pages/Auth.php
+++ b/app/Models/Pages/Auth.php
@ -250,14 +250,14 @@ class Auth extends Page
                    $v->validation($_POST)
                    && 0 === $this->c->bans->banFromName($tmpUser->username)
                ) {
+                    $this->c->Csrf->setHashExpiration(259200); // ???? хэш действует 72 часа
+
                    $key  = $this->c->Secury->randomPass(32);
-                    $hash = $this->c->Secury->hash($tmpUser->id . $key);
                    $link = $this->c->Router->link(
                        'ChangePassword',
                        [
                            'id'   => $tmpUser->id,
                            'key'  => $key,
-                            'hash' => $hash,
                        ]
                    );
                    $tplData = [
@ -362,7 +362,7 @@ class Auth extends Page
    public function changePass(array $args, string $method): Page
    {
        if (
-            ! \hash_equals($args['hash'], $this->c->Secury->hash($args['id'] . $args['key']))
+            ! $this->c->Csrf->verify($args['hash'], 'ChangePassword', $args)
            || ! ($user = $this->c->users->load($args['id'])) instanceof User
            || ! \hash_equals($user->activate_string, $args['key'])
        ) {