Check token expiry

2024-09-28 18:47:40 +03:00 · 2024-09-28 18:47:40 +03:00 · 261816fa4e
commit 261816fa4e
parent f5371aba5d
1 changed files with 5 additions and 1 deletions
--- a/inc/database.php
+++ b/inc/database.php
@ -169,11 +169,15 @@ class DataBase extends SQLite3 {
 			$token = base64_decode($_COOKIE['token']);
 		}
 		$hashed = hash('sha256', $token);
-		$sql = "SELECT id AS id, userid AS userid FROM tokens WHERE token='$hashed';";
+		$sql = "SELECT id AS id, userid AS userid, expires AS expires FROM tokens WHERE token='$hashed';";
 		$ret = $this->query($sql)->fetchArray(SQLITE3_ASSOC);
 		if(!$ret) {
 			return false;
 		}
+		if ($ret['expires'] < time()) {
+			$this->tokenRemove($token);
+			return false;
+		}
 		$this->tokenRefresh($ret['id']);
 		return $ret['userid'];
 	}