From 913db80c306d6ffe02918c5fc592d660a6fe4a7f Mon Sep 17 00:00:00 2001
From: BitHeaven <bit.heaven@bk.ru>
Date: Fri, 9 Aug 2024 22:31:15 +0500
Subject: [PATCH] Fix auth in User class

---
 engine/class/0005.user.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/engine/class/0005.user.php b/engine/class/0005.user.php
index 53ef70b..af85cf3 100644
--- a/engine/class/0005.user.php
+++ b/engine/class/0005.user.php
@@ -74,11 +74,11 @@
 				return false;
 
 			$until = time() + self::$tokenLifetime;
-			$hash = hash('sha256', $login.'|'.$password.'|'.$until.'|'.self::$secret);
+			$hash = hash('sha256', $login.'|'.$user->password.'|'.$until.'|'.self::$secret);
 
 			self::updateOnline($login);
 
-			return implode('|', rtrim(strtr(base64_encode($login.'|'.$password.'|'.$until.'|'.$hash), '+/', '-_'), '='));
+			return rtrim(strtr(base64_encode($login.'|'.$user->password.'|'.$until.'|'.$hash), '+/', '-_'), '=');
 		}
 
 		public static function get($login) {