first attempt to fix cast error

2019-05-05 11:24:55 -04:00 · 2019-05-05 11:24:55 -04:00 · a55a11dad1
parent 8d62c61b7a
commit a55a11dad1
2 changed files with 22 additions and 14 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -8,6 +8,3 @@
 [submodule "third_party/bcrypt"]
 	path = third_party/bcrypt
 	url = https://github.com/pliablepixels/libbcrypt
-[submodule "third_party/jwt-cpp"]
-	path = third_party/jwt-cpp
-	url = https://github.com/Thalhammer/jwt-cpp
--- a/web/includes/auth.php
+++ b/web/includes/auth.php
@ -51,16 +51,7 @@ function userLogin($username='', $password='', $passwordHashed=false) {
  
  global $user;

-  $key = "example_key";
-  $token = array(
-      "iss" => "http://example.org",
-      "aud" => "http://example.com",
-      "iat" => 1356999524,
-      "nbf" => 1357000000
-  );
-  $jwt = JWT::encode($token, $key);
-
-  ZM\Info ("JWT token is $jwt");
+  


  if ( !$username and isset($_REQUEST['username']) )
@ -233,8 +224,28 @@ function getAuthUser($auth) {

 function generateAuthHash($useRemoteAddr, $force=false) {
  if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) {
-    # regenerate a hash at half the liftetime of a hash, an hour is 3600 so half is 1800
    $time = time();
+    $key = ZM_AUTH_HASH_SECRET;
+    $issuedAt   = time();
+    $expireAt     = $issuedAt + ZM_AUTH_HASH_TTL * 3600;
+
+
+    $token = array(
+        "iss" => "ZoneMinder",
+        "iat" => $issuedAt,
+        "exp" => $expireAt
+        
+    );
+
+    if ($useRemoteAddr) {
+      $token['remote_addr'] = $_SESSION['remoteAddr'];
+    }
+
+
+    $jwt = JWT::encode($token, $key);
+
+    ZM\Info ("JWT token is $jwt");
+
    $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 );

    if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) {