Use HMAC construction for remember me cookie hashes
This commit is contained in:
parent
8b3d8c1bae
commit
f7bb5de804
|
@ -147,6 +147,6 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
|
|||
*/
|
||||
protected function generateCookieHash($class, $username, $expires, $password)
|
||||
{
|
||||
return hash('sha256', $class.$username.$expires.$password.$this->getKey());
|
||||
return hash_hmac('sha256', $class.$username.$expires.$password, $this->getKey());
|
||||
}
|
||||
}
|
||||
|
|
Reference in New Issue