From a55a11dad1249d6db7a0cfb578e5752cf6bb9186 Mon Sep 17 00:00:00 2001 From: Pliable Pixels Date: Sun, 5 May 2019 11:24:55 -0400 Subject: [PATCH] first attempt to fix cast error --- .gitmodules | 3 --- web/includes/auth.php | 33 ++++++++++++++++++++++----------- 2 files changed, 22 insertions(+), 14 deletions(-) diff --git a/.gitmodules b/.gitmodules index f5bcf359d..2ec483d25 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,6 +8,3 @@ [submodule "third_party/bcrypt"] path = third_party/bcrypt url = https://github.com/pliablepixels/libbcrypt -[submodule "third_party/jwt-cpp"] - path = third_party/jwt-cpp - url = https://github.com/Thalhammer/jwt-cpp diff --git a/web/includes/auth.php b/web/includes/auth.php index 7c8c24527..3f575d4c2 100644 --- a/web/includes/auth.php +++ b/web/includes/auth.php @@ -51,16 +51,7 @@ function userLogin($username='', $password='', $passwordHashed=false) { global $user; - $key = "example_key"; - $token = array( - "iss" => "http://example.org", - "aud" => "http://example.com", - "iat" => 1356999524, - "nbf" => 1357000000 - ); - $jwt = JWT::encode($token, $key); - - ZM\Info ("JWT token is $jwt"); + if ( !$username and isset($_REQUEST['username']) ) @@ -233,8 +224,28 @@ function getAuthUser($auth) { function generateAuthHash($useRemoteAddr, $force=false) { if ( ZM_OPT_USE_AUTH and ZM_AUTH_RELAY == 'hashed' and isset($_SESSION['username']) and $_SESSION['passwordHash'] ) { - # regenerate a hash at half the liftetime of a hash, an hour is 3600 so half is 1800 $time = time(); + $key = ZM_AUTH_HASH_SECRET; + $issuedAt = time(); + $expireAt = $issuedAt + ZM_AUTH_HASH_TTL * 3600; + + + $token = array( + "iss" => "ZoneMinder", + "iat" => $issuedAt, + "exp" => $expireAt + + ); + + if ($useRemoteAddr) { + $token['remote_addr'] = $_SESSION['remoteAddr']; + } + + + $jwt = JWT::encode($token, $key); + + ZM\Info ("JWT token is $jwt"); + $mintime = $time - ( ZM_AUTH_HASH_TTL * 1800 ); if ( $force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime ) ) {