Fix insecure persistent login token

Signed-off-by: 4n4nk3 <47717886+4n4nk3@users.noreply.github.com>
This commit is contained in:
4n4nk3
2023-01-16 11:25:48 +01:00
committed by 4n4nk3
parent 8a139d66f6
commit d31cf9d156
3 changed files with 98 additions and 7 deletions


@@ -8,6 +8,7 @@
*/
require_once 'func.php';
require_once 'persistentlogin_token.php';
// Start a new PHP session (or continue an existing one)
start_php_session();
@@ -29,11 +30,8 @@ function verifyPassword($pwhash, $use_api = false)
if (strlen($pwhash) > 0) {
// Check for and authorize from persistent cookie
if (isset($_COOKIE['persistentlogin'])) {
if (hash_equals($pwhash, $_COOKIE['persistentlogin'])) {
if (checkValidityPersistentLoginToken($_COOKIE['persistentlogin'])) {
$_SESSION['auth'] = true;
// Refresh cookie with new expiry
// setcookie( $name, $value, $expire, $path, $domain, $secure, $httponly )
setcookie('persistentlogin', $pwhash, time() + 60 * 60 * 24 * 7, null, null, null, true);
} else {
// Invalid cookie
$_SESSION['auth'] = false;
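Review bot: The invalid-cookie branch at the end of the hunk sets `$_SESSION['auth'] = false` but leaves the rejected `persistentlogin` cookie on the client, so every later request repeats the token lookup with a value the server has already refused; expire it in that branch with `setcookie('persistentlogin', '', time() - 3600, null, null, null, true);`. Dropping the old refresh `setcookie` means a valid token now lives only until the expiry handed to `writePersistentLoginToken`, which is a reasonable choice but deserves a comment on the `checkValidityPersistentLoginToken` line such as `// expiry is enforced server-side against the stored token; the cookie is not renewed on use`. Whether `checkValidityPersistentLoginToken` compares the cookie value with `hash_equals`, as the replaced line did, cannot be seen here since it is defined in persistentlogin_token.php. verifyPassword begins and ends outside this hunk.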
@@ -61,8 +59,12 @@ function verifyPassword($pwhash, $use_api = false)
// Set persistent cookie if selected
if (isset($_POST['persistentlogin'])) {
// setcookie( $name, $value, $expire, $path, $domain, $secure, $httponly )
setcookie('persistentlogin', $pwhash, time() + 60 * 60 * 24 * 7, null, null, null, true);
// Generate cookie with new expiry
$token = genPersistentLoginToken();
$time = time() + 60 * 60 * 24 * 7; // 7 days
writePersistentLoginToken($token, $time);
// setcookie($name, $value, $expire, $path, $domain, $secure, $httponly)
setcookie('persistentlogin', $token, $time, null, null, null, true);
}
$_SESSION['auth'] = true;