Expire login cookie with session end without remember me option

leepeuker · Jul 1, 2022 · 452dfbe · 452dfbe
1 parent 5b045fd
commit 452dfbe
Showing 1 changed file with 7 additions and 4 deletions.
diff --git a/src/Application/User/Service/Authentication.php b/src/Application/User/Service/Authentication.php
@@ -49,14 +49,17 @@ public function login(string $password, bool $rememberMe) : void
             throw InvalidPassword::create();
         }
 
-        $expirationDate = $this->createExpirationDate();
+        $authTokenExpirationDate = $this->createExpirationDate();
+        $cookieExpiration = 0;
+
         if ($rememberMe === true) {
-            $expirationDate = $this->createExpirationDate(self::MAX_EXPIRATION_AGE_IN_DAYS);
+            $authTokenExpirationDate = $this->createExpirationDate(self::MAX_EXPIRATION_AGE_IN_DAYS);
+            $cookieExpiration = (int)$authTokenExpirationDate->format('U');
         }
 
-        $token = $this->generateToken(DateTime::createFromString((string)$expirationDate));
+        $token = $this->generateToken(DateTime::createFromString((string)$authTokenExpirationDate));
 
-        setcookie(self::AUTHENTICATION_COOKIE_NAME, $token, (int)$expirationDate->format('U'));
+        setcookie(self::AUTHENTICATION_COOKIE_NAME, $token, $cookieExpiration);
     }
 
     public function logout() : void