fix timestamp expire validation

erivello · weaverryan · commit b3d7f253dc62 · 2013-02-24T16:12:27.000-08:00
diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst
@@ -220,7 +220,7 @@ the ``PasswordDigest`` header value matches with the user's password.
         protected function validateDigest($digest, $nonce, $created, $secret)
         {
             // Expire timestamp after 5 minutes
-            if (time() - strtotime($created) > 300) {
+            if (abs(time() - strtotime($created)) > 300) {
                 return false;
             }
 

Original file line number	Diff line number	Diff line change
@@ -220,7 +220,7 @@ the ``PasswordDigest`` header value matches with the user's password.
`220`	`220`	`protected function validateDigest($digest, $nonce, $created, $secret)`
`221`	`221`	`{`
`222`	`222`	`// Expire timestamp after 5 minutes`
`223`		`- if (time() - strtotime($created) > 300) {`
	`223`	`+ if (abs(time() - strtotime($created)) > 300) {`
`224`	`224`	`return false;`
`225`	`225`	`}`
`226`	`226`