aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCamil Staps2015-05-12 23:24:35 +0200
committerCamil Staps2015-05-12 23:24:35 +0200
commita147343365175e3899424135fe31f5289d07982f (patch)
tree6f2dffe636971c99324a93ea44e53eec1e056158
parentCleanup (diff)
Fixed security issue: safer random token generator using openssl
-rw-r--r--src/controllers/UserTokenController.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/controllers/UserTokenController.php b/src/controllers/UserTokenController.php
index 99272ec..5a6099b 100644
--- a/src/controllers/UserTokenController.php
+++ b/src/controllers/UserTokenController.php
@@ -31,7 +31,7 @@ class UserTokenController extends BaseController {
*/
public function store() {
$this->userToken->userId = Auth::user()->id;
- $this->userToken->token = sha1(mt_rand());
+ $this->userToken->token = base64_encode(openssl_random_pseudo_bytes(64));
if ($this->userToken->save()) {
// Remove the token field from the hidden fields