diff options
| author | Camil Staps | 2015-05-12 23:24:35 +0200 |
|---|---|---|
| committer | Camil Staps | 2015-05-12 23:24:35 +0200 |
| commit | a147343365175e3899424135fe31f5289d07982f (patch) | |
| tree | 6f2dffe636971c99324a93ea44e53eec1e056158 | |
| parent | Cleanup (diff) | |
Fixed security issue: safer random token generator using openssl
| -rw-r--r-- | src/controllers/UserTokenController.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/controllers/UserTokenController.php b/src/controllers/UserTokenController.php index 99272ec..5a6099b 100644 --- a/src/controllers/UserTokenController.php +++ b/src/controllers/UserTokenController.php @@ -31,7 +31,7 @@ class UserTokenController extends BaseController { */ public function store() { $this->userToken->userId = Auth::user()->id; - $this->userToken->token = sha1(mt_rand()); + $this->userToken->token = base64_encode(openssl_random_pseudo_bytes(64)); if ($this->userToken->save()) { // Remove the token field from the hidden fields |