Use HMAC construction for remember me cookie hashes
This commit is contained in:
parent
8b3d8c1bae
commit
f7bb5de804
|
@ -147,6 +147,6 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
|
||||||
*/
|
*/
|
||||||
protected function generateCookieHash($class, $username, $expires, $password)
|
protected function generateCookieHash($class, $username, $expires, $password)
|
||||||
{
|
{
|
||||||
return hash('sha256', $class.$username.$expires.$password.$this->getKey());
|
return hash_hmac('sha256', $class.$username.$expires.$password, $this->getKey());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Reference in New Issue