customer_auth_token.

coder_customer_auth_token.ocmod.xml

<?xml version="1.0" encoding="utf-8"?>
<modification>
    <name>coder_customer_auth_token</name>
    <code>coder_customer_auth_token</code>
    <version>1.0</version>
    <author>Coder</author>
    <link>https://www.opencart.com</link>

    <file path="system/library/cart/customer.php">
        <operation>
            <search index="1"><![CDATA[$this->address_id = $customer_query->row['address_id'];]]></search>
            <add position="after"><![CDATA[

                $auth_token_data = $this->generateAuthToken(86400);
                $this->updateAuthToken($customer_query->row['customer_id'], $auth_token_data['auth_token'], $auth_token_data['auth_token_expire']);
                $this->session->data['auth_token'] = $auth_token_data['auth_token'];
                $this->session->data['auth_token_expire'] = $auth_token_data['auth_token_expire'];
            ]]></add>
        </operation>

        <operation>
            <search><![CDATA[public function isLogged() { ]]></search>
            <add position="replace"><![CDATA[ public function isLogged_old() { ]]></add>
        </operation>
        <operation>
            <search><![CDATA[public function logout() {]]></search>
            <add position="before"><![CDATA[

    public function generateAuthToken($ttl = 86400) { // TTL за замовчуванням - 1 день (86400 секунд)
        $auth_token = bin2hex(random_bytes(16));
        $auth_token_expire = time() + $ttl;
        return array(
            'auth_token' => $auth_token,
            'auth_token_expire' => $auth_token_expire
        );
    }

    public function updateAuthToken($customer_id, $auth_token, $auth_token_expire) {
        $this->db->query("UPDATE `" . DB_PREFIX . "customer`
                          SET `auth_token` = '" . $this->db->escape($auth_token) . "',
                              `auth_token_expire` = '" . (int)$auth_token_expire . "'
                          WHERE `customer_id` = '" . (int)$customer_id . "'");
    }


    public function isLogged() {
        if (isset($this->session->data['customer_id']) && isset($this->session->data['auth_token']) && $this->session->data['auth_token_expire']) {
            $sql = "SELECT `customer_id` FROM `" . DB_PREFIX . "customer`
                    WHERE `customer_id` = '" . (int)$this->session->data['customer_id'] . "'
                      AND `auth_token` = '" . $this->db->escape($this->session->data['auth_token']) . "'
                      AND `auth_token_expire` > '" . time() . "'";

            $customer_query = $this->db->query($sql);

            if ($customer_query->num_rows) {
                return $this->session->data['customer_id'];
            } else {
                $this->logout();
                return false;
            }
        } else {
            return false;
        }
    }
            ]]></add>
        </operation>
        <operation>
            <search trim="true"><![CDATA[
unset($this->session->data['customer_id']);
            ]]></search>
            <add position="before"><![CDATA[
            $this->updateAuthToken($this->session->data['customer_id'],'',0);
    unset($this->session->data['customer_id']);
    unset($this->session->data['customer']);
    unset($this->session->data['auth_token']);
    unset($this->session->data['auth_token_expire']);
    $this->auth_token = '';
            ]]></add>
        </operation>

    </file>
</modification>

install.sql

ALTER TABLE `oc_customer` ADD `auth_token` VARCHAR(32) NULL AFTER `token`;
ALTER TABLE `oc_customer` ADD `auth_token_expire` INT(11) NULL AFTER `auth_token`;