From 991fa7079eb5559ddd339e1ec68e0f69d3e29ccd Mon Sep 17 00:00:00 2001
From: David Bomba
Date: Wed, 5 May 2021 16:44:31 +1000
Subject: [PATCH] Fixes for password protection
---
 app/Http/Controllers/Auth/LoginController.php | 29 +++++++++++++++++--
 app/Http/Middleware/PasswordProtection.php | 4 +--
 2 files changed, 28 insertions(+), 5 deletions(-)
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index b26e1cf6b857..4d45cb8520a7 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -194,7 +194,14 @@ class LoginController extends BaseController
 }
 $user->setCompany($user->account->default_company);
- $timeout = $user->company()->default_password_timeout / 60000;
+
+ $timeout = $user->company()->default_password_timeout;
+
+ if($timeout == 0)
+ $timeout = 30*60*1000*1000;
+ else
+ $timeout = $timeout/1000;
+
 Cache::put($user->hashed_id.'_logged_in', Str::random(64), $timeout);
 $cu = CompanyUser::query()
@@ -333,7 +340,15 @@ class LoginController extends BaseController
 Auth::login($existing_user, true);
 $existing_user->setCompany($existing_user->account->default_company);
- $timeout = $existing_user->company()->default_password_timeout / 60000;
+
+ $timeout = $existing_user->company()->default_password_timeout;
+
+ if($timeout == 0)
+ $timeout = 30*60*1000*1000;
+ else
+ $timeout = $timeout/1000;
+
+
 Cache::put($existing_user->hashed_id.'_logged_in', Str::random(64), $timeout);
 $cu = CompanyUser::query()
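Review bot: The zero branch `$timeout = 30*60*1000*1000;` reads like thirty minutes in microseconds, but it is passed to `Cache::put` beside a `$timeout/1000` branch that is evidently seconds, so (assuming the TTL is in seconds) a setting of 0 keeps the `_logged_in` marker for roughly 57 years (1,800,000,000 s). If 0 is meant to switch the password re-prompt off, say so with a named constant or a comment such as `// 0 = re-prompt disabled; TTL is in seconds`; if a 30-minute default was intended the value should be `30*60`. The same literal is repeated in the hunks at -333 and -375 and in PasswordProtection.php, where it replaces `now()->addYear()`. A TTL this large is also worth checking against the configured cache store, since the current time plus 1.8e9 seconds no longer fits a signed 32-bit expiry field.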
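Review bot: This is the second of three verbatim copies of the timeout conversion in LoginController (the others are in the -194 and -375 hunks), with a fourth in PasswordProtection.php, and the brace-less `if`/`else` makes each copy easy to break on the next edit. Because the value decides how long a user is exempt from the password prompt, I would keep the rule in one private helper and call it from each site, along the lines sketched below. The helper name is only a suggestion, and the enclosing method starts and ends outside the hunk.

```php
// One place for the ms -> seconds rule; 0 keeps the long-TTL meaning this commit gives it.
private function passwordTimeoutSeconds($user)
{
    $timeout = $user->company()->default_password_timeout;

    if ($timeout == 0) {
        return 30*60*1000*1000;
    }

    return $timeout / 1000;
}

// … unchanged: Auth::login() and setCompany() …
Cache::put($existing_user->hashed_id.'_logged_in', Str::random(64), $this->passwordTimeoutSeconds($existing_user));
```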
@@ -375,7 +390,15 @@ class LoginController extends BaseController
 auth()->user()->email_verified_at = now();
 auth()->user()->save();
- $timeout = auth()->user()->company()->default_password_timeout / 60000;
+
+ $timeout = auth()->user()->company()->default_password_timeout;
+
+ if($timeout == 0)
+ $timeout = 30*60*1000*1000;
+ else
+ $timeout = $timeout/1000;
+
+
 Cache::put(auth()->user()->hashed_id.'_logged_in', Str::random(64), $timeout);
 $cu = CompanyUser::whereUserId(auth()->user()->id);
diff --git a/app/Http/Middleware/PasswordProtection.php b/app/Http/Middleware/PasswordProtection.php
index 22dfb4b1c7fa..0652e0816831 100644
--- a/app/Http/Middleware/PasswordProtection.php
+++ b/app/Http/Middleware/PasswordProtection.php
@@ -40,9 +40,9 @@ class PasswordProtection
 $timeout = auth()->user()->company()->default_password_timeout;
 if($timeout == 0)
- $timeout = now()->addYear();
+ $timeout = 30*60*1000*1000;
 else
- $timeout = now()->addMinutes($timeout/1000);
+ $timeout = $timeout/1000;
 if (Cache::get(auth()->user()->hashed_id.'_logged_in')) {
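Review bot: `if($timeout == 0)` is a loose comparison, so a `default_password_timeout` that comes back as null also takes the long-TTL branch, and a positive value below 1000 ms turns into a fractional TTL in `$timeout/1000`. Whether the column can hold such values is not visible here, but since this path decides if the password prompt is skipped, I would normalise first with `$timeout = (int) auth()->user()->company()->default_password_timeout;` and then use `$timeout = $timeout === 0 ? 30*60*1000*1000 : intdiv($timeout, 1000);`. The same applies to the two earlier LoginController hunks.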
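Review bot: `$timeout` changes here from a Carbon instance to a plain number of seconds, and the code that consumes it lies below the end of this hunk, so every later use has to accept a numeric TTL. The check that follows, `Cache::get(auth()->user()->hashed_id.'_logged_in')`, is keyed on the user alone and only tests for presence; the random value stored at login is not compared in the visible lines. With the zero setting now lasting decades rather than a year, it is worth confirming that the marker is removed with `Cache::forget` on logout and on password change, which this diff does not show.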