Skip to content
This repository was archived by the owner on May 31, 2024. It is now read-only.

Commit ee7e531

Browse files
zerkmsfabpot
authored andcommitted
StringUtils::equals() arguments in RememberMe Cookie based implementation are confused
It must be the other way around
1 parent fedc844 commit ee7e531

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Http/RememberMe/TokenBasedRememberMeServices.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ protected function processAutoLoginCookie(array $cookieParts, Request $request)
5454
throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', get_class($user)));
5555
}
5656

57-
if (true !== StringUtils::equals($hash, $this->generateCookieHash($class, $username, $expires, $user->getPassword()))) {
57+
if (true !== StringUtils::equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
5858
throw new AuthenticationException('The cookie\'s hash is invalid.');
5959
}
6060

0 commit comments

Comments
 (0)