diff --git a/app/Models/User.php b/app/Models/User.php
index b7ca5afd..3fdf3789 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -66,7 +66,7 @@ class User
 }
 }
- $class_name = "App\Services\Cipher\\".$_ENV['PWD_METHOD'];
+ $class_name = "App\Services\Cipher\\".config('secure.cipher');
 $this->cipher = new $class_name;
 if (!is_null($this->model)) {
@@ -74,7 +74,7 @@ class User
 $this->uid = $this->model->uid;
 $this->email = $this->model->email;
 $this->password = $this->model->password;
- $this->token = md5($this->email . $this->password . $_ENV['SALT']);
+ $this->token = md5($this->email . $this->password . config('secure.salt'));
 $this->closet = new Closet($this->uid);
 $this->is_admin = $this->model->permission == 1 || $this->model->permission == 2;
 }
@@ -82,12 +82,12 @@ class User
 public function checkPasswd($raw_passwd)
 {
- return ($this->cipher->encrypt($raw_passwd, $_ENV['SALT']) == $this->password);
+ return ($this->cipher->encrypt($raw_passwd, config('secure.salt')) == $this->password);
 }
 public function changePasswd($new_passwd)
 {
- $this->model->password = $this->cipher->encrypt($new_passwd, $_ENV['SALT']);
+ $this->model->password = $this->cipher->encrypt($new_passwd, config('secure.salt'));
 return $this->model->save();
 }
@@ -133,7 +133,7 @@ class User
 public function getToken($refresh = false)
 {
 if ($this->is_registered && ($this->token === "" || $refresh)) {
- $this->token = md5($this->model->email . $this->model->password . $_ENV['SALT']);
+ $this->token = md5($this->model->email . $this->model->password . config('secure.salt'));
 }
 return $this->token;
@@ -220,7 +220,7 @@ class User
 $user = new UserModel();
 $user->email = $this->email;
- $user->password = $this->cipher->encrypt($password, $_ENV['SALT']);
+ $user->password = $this->cipher->encrypt($password, config('secure.salt'));
 $user->ip = $ip;
 $user->score = Option::get('user_initial_score');
 $user->register_at = Utils::getTimeFormatted();
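Review bot: In the `@@ -66,7 +66,7 @@` hunk, `new $class_name` instantiates whatever name `config('secure.cipher')` yields, with no check that the value names a supported cipher. A typo or empty value in the environment becomes a fatal error at construction, and any class resolvable under `App\Services\Cipher\` can be selected from configuration. I would validate before instantiating, e.g. `if (!class_exists($class_name)) { throw new \RuntimeException('Unknown cipher: '.config('secure.cipher')); }`, ideally against a fixed list of supported method names. The enclosing method starts before and continues past this hunk.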
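Review bot: The token assigned in the `@@ -74,7 +74,7 @@` hunk, `md5($this->email . $this->password . config('secure.salt'))`, is a fixed function of the stored password hash and the application key, so it only changes when the password does and can be recomputed by anyone who holds the user row and the key. The same construction appears in `getToken()` in the `@@ -133,7 +133,7 @@` hunk. If the token is used for authentication (not visible here), a random value from `random_bytes()` stored server-side would be the safer design. Since both lines are being touched anyway, I would at least add a comment such as `// NOTE: deterministic token; does not rotate until the password changes` and track a follow-up. The surrounding constructor body begins outside the hunk.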
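Review bot: `checkPasswd()` in the `@@ -82,12 +82,12 @@` hunk still compares the computed hash with the stored one using `==`, which in PHP treats two numeric-looking strings (for example digests of the form `0e` followed by digits) as equal and is not a constant-time comparison. The line should be `return hash_equals((string) $this->password, (string) $this->cipher->encrypt($raw_passwd, config('secure.salt')));`. Separately, `changePasswd()` here and the registration code in the `@@ -220,7 +220,7 @@` hunk hash every password with one application-wide salt rather than a per-user one. `password_hash()` with `password_verify()` would be the longer-term replacement.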
diff --git a/app/Services/Database/Database.php b/app/Services/Database/Database.php
index fd1d1ca2..cf047f41 100644
--- a/app/Services/Database/Database.php
+++ b/app/Services/Database/Database.php
@@ -41,12 +41,7 @@ class Database
 */
 public function __construct($config = null)
 {
- if (is_null($config)) {
- $db_config = require BASE_DIR.'/config/database.php';
- $config = $db_config['connections']['mysql'];
- }
-
- $this->config = $config;
+ $this->config = is_null($config) ? config('database.connections.mysql') : $config;
 @$this->connection = new \mysqli(
 $this->config['host'],
diff --git a/config/secure.php b/config/secure.php
new file mode 100644
index 00000000..bf829405
--- /dev/null
+++ b/config/secure.php
@@ -0,0 +1,14 @@
+ env('PWD_METHOD', 'SALTED2MD5'),
+ 'salt' => env('APP_KEY', '')
+];
diff --git a/resources/views/auth/master.tpl b/resources/views/auth/master.tpl
index 6e8bb258..f0017caf 100644
--- a/resources/views/auth/master.tpl
+++ b/resources/views/auth/master.tpl
@@ -27,7 +27,7 @@ @if (Session::has('msg')) @endif
diff --git a/setup/index.php b/setup/index.php
index a9d95e20..dcaa1d34 100644
--- a/setup/index.php
+++ b/setup/index.php
@@ -63,7 +63,7 @@ switch ($step) {
 $options['announcement'] = str_replace('{version}', $options['version'], $options['announcement']);
 foreach ($options as $key => $value) {
- Option::add($key, $value);
+ Option::set($key, $value);
 }
 // register super admin
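Review bot: In `Database::__construct()`, the value of `config('database.connections.mysql')` is stored without checking that it is an array. If `config()` returns null for a missing key, as the Laravel helper of that name does, the `$this->config['host']` reads evaluate to null and the `@` on the `new \mysqli(` line hides the resulting connection warning, so a misconfiguration surfaces late and without context. I would add `if (!is_array($this->config)) { throw new \InvalidArgumentException('Database configuration is missing.'); }` directly after the assignment. The constructor continues past the end of the hunk.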
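Review bot: In the new config/secure.php, `'salt' => env('APP_KEY', '')` falls back to an empty string, so an installation without `APP_KEY` silently hashes passwords and derives tokens with no salt at all. The variable also differs from the `SALT` that User.php read before this commit; unless the `.env` migration is handled elsewhere (not visible in this diff), existing installs would compute different hashes and stored passwords would stop verifying. I would fall back to the old name during upgrade, `'salt' => env('APP_KEY', env('SALT', ''))`, and fail fast at boot when the result is empty. The default `SALTED2MD5` looks MD5-based by its name, so a comment marking it as a legacy default would help. The top of this new file is not visible on the page.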