From 6f2e8788ca7cc8edb677b8596f39c90c3f13be77 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Tue, 16 Oct 2012 01:02:03 +0200
Subject: Make enhanced auth time configurable

---
 lib/util.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'lib/util.php')

diff --git a/lib/util.php b/lib/util.php
index ba2a02922a5..58d784057ac 100755
--- a/lib/util.php
+++ b/lib/util.php
@@ -394,11 +394,11 @@ class OC_Util {
 		// Check password to set session
 		if(isset($_POST['password'])) {
 			if (OC_User::login(OC_User::getUser(), $_POST["password"] ) === true) {
-				$_SESSION['verifiedLogin']=time() + (15 * 60);
+				$_SESSION['verifiedLogin']=time() + OC_Config::getValue('enhancedauthtime');
 			}
 		}
 
-		// Check if the user verified his password in the last 15 minutes
+		// Check if the user verified his password
 		if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
 			OC_Template::printGuestPage("", "verify",  array('username' => OC_User::getUser()));
 			exit();
@@ -406,11 +406,10 @@ class OC_Util {
 	}
 
 	/**
-	* Check if the user verified the login with his password in the last 15 minutes
+	* Check if the user verified the login with his password
 	* @return bool
 	*/
 	public static function isUserVerified() {
-		// Check if the user verified his password in the last 15 minutes
 		if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
 			return false;
 		}
-- 
cgit v1.2.3