Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
La Quadrature du Net
piphone
piphone-front
Commits
81d9122f
Commit
81d9122f
authored
Mar 27, 2017
by
okhin
Browse files
Adding not before and expires on the JWT token, to limit hijacking of the token
parent
e6ee6e95
Pipeline
#920
passed with stage
in 1 second
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
app/Main.php
View file @
81d9122f
...
...
@@ -70,7 +70,7 @@ class Main extends Controller {
elseif
(
$f3
->
get
(
'VERB'
)
==
'POST'
){
// Create the call
// Generate a jwt token
$token
=
JWT
::
encode
(
array
(
'api'
=>
JWT_TOKEN
),
JWT_KEY
);
$token
=
JWT
::
encode
(
array
(
'api'
=>
JWT_TOKEN
,
'nbf'
=>
time
(),
'exp'
=>
time
()
+
10
*
60
),
JWT_KEY
);
// To get the callee, we have the callee_id in the form. Using that
// to load the callee and retrieve its number.
$contact
=
Api
::
get_contact
(
$args
[
'id'
]);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment