-rw-r--r--admin/auth.php2
-rw-r--r--core/namespace/Application.php8
2 files changed, 5 insertions, 5 deletions
diff --git a/admin/auth.php b/admin/auth.php
index d0abc38..8d7bf9a 100644
--- a/admin/auth.php
+++ b/admin/auth.php
@@ -33,7 +33,7 @@ if(HTTP::issetPOST('username', 'password')) {
if($User = $UserRepository->findBy('username', HTTP::POST('username'))) {
if(password_verify(HTTP::POST('password'), $User->get('password'))) {
- $_SESSION['auth'] = $User->getID();
+ $_SESSION['USER_ID'] = $User->getID();
HTTP::redirect(Application::getAdminURL());
} else {
$messages[] = $Language->text('authentication_failure');
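Review bot: The successful-login branch writes the user ID into the existing session without regenerating the session ID, so an identifier fixed before login would stay valid after authentication. Calling `session_regenerate_id(true);` immediately before `$_SESSION['USER_ID'] = $User->getID();` would close that gap, unless `HTTP::redirect()` or the session bootstrap already does so, which is not visible here. The enclosing `if(HTTP::issetPOST('username', 'password'))` block starts and ends outside the hunk.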
diff --git a/core/namespace/Application.php b/core/namespace/Application.php
index fa5e0a9..8346248 100644
--- a/core/namespace/Application.php
+++ b/core/namespace/Application.php
@@ -116,18 +116,18 @@ class Application {
# Return unique CSRF token for the current session
#===============================================================================
public static function getSecurityToken(): string {
- if(!isset($_SESSION['token'])) {
- $_SESSION['token'] = bin2hex(random_bytes(16));
+ if(!isset($_SESSION['CSRF_TOKEN'])) {
+ $_SESSION['CSRF_TOKEN'] = bin2hex(random_bytes(16));
}
- return $_SESSION['token'];
+ return $_SESSION['CSRF_TOKEN'];
}
#===============================================================================
# Return boolean if successfully authenticated
#===============================================================================
public static function isAuthenticated(): bool {
- return isset($_SESSION['auth']);
+ return isset($_SESSION['USER_ID']);
}
#===============================================================================
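Review bot: The session keys are bare string literals repeated across files, and this rename only touches the writer in admin/auth.php and the two accessors here, so any code outside this diff that still reads or unsets `$_SESSION['auth']` or `$_SESSION['token']` would now silently miss. The case worth checking is a logout path that clears only the old key, because `isAuthenticated()` would then keep returning true after logout. Defining each key once on the class, for example `const SESSION_USER_ID = 'USER_ID';`, and using it in both files would rule that mismatch out. The `Application` class continues outside the hunk.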