From 576cba749f9cfa150e9ba3eb23c06c70b75f64a8 Mon Sep 17 00:00:00 2001
From: Michael Cordingley
Date: Wed, 20 Sep 2017 21:35:31 -0400
Subject: [PATCH 1/4] Perform constant-time token comparison in DatabaseUserProvider
---
 src/Illuminate/Auth/DatabaseUserProvider.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/Illuminate/Auth/DatabaseUserProvider.php b/src/Illuminate/Auth/DatabaseUserProvider.php
index a94b74b8b452..e131e4223da2 100755
--- a/src/Illuminate/Auth/DatabaseUserProvider.php
+++ b/src/Illuminate/Auth/DatabaseUserProvider.php
@@ -70,10 +70,9 @@ public function retrieveByToken($identifier, $token)
 {
 $user = $this->conn->table($this->table)
 ->where('id', $identifier)
- ->where('remember_token', $token)
 ->first();

- return $this->getGenericUser($user);
+ return hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null;
 }

 /**
From 41de9cee235ddec5cd0b9695d891c4ffdc40185b Mon Sep 17 00:00:00 2001
From: Michael Cordingley
Date: Wed, 20 Sep 2017 21:38:22 -0400
Subject: [PATCH 2/4] Perform constant-time token comparison in EloquentUserProvider
---
 src/Illuminate/Auth/EloquentUserProvider.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php
index 0d5cad9c785e..a629661294ad 100755
--- a/src/Illuminate/Auth/EloquentUserProvider.php
+++ b/src/Illuminate/Auth/EloquentUserProvider.php
@@ -60,12 +60,11 @@ public function retrieveById($identifier)
 */
 public function retrieveByToken($identifier, $token)
 {
- $model = $this->createModel();
-
- return $model->newQuery()
+ $model = $this->createModel()->newQuery()
 ->where($model->getAuthIdentifierName(), $identifier)
- ->where($model->getRememberTokenName(), $token)
 ->first();
+
+ return $model && hash_equals($model->getRememberToken(), $token) ? $model : null;
 }

 /**
From d03a07e066aea967d9f1884fa4cfc797a50f5bd2 Mon Sep 17 00:00:00 2001
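Review bot: In `DatabaseUserProvider::retrieveByToken` (PATCH 1/4), `hash_equals($user->remember_token, $token)` is passed whatever the column holds, and `hash_equals()` requires both arguments to be strings. If `remember_token` is NULL for the row (inferred, since the schema is not visible here), the call raises a warning on PHP 7 and a TypeError on PHP 8 instead of cleanly returning null. The same applies to `hash_equals($model->getRememberToken(), $token)` in the EloquentUserProvider hunk of PATCH 2/4 and to the rewritten return line in PATCH 3/4. On top of the `$user` null-check from PATCH 3/4, guard the stored value first, e.g. `return $user && is_string($user->remember_token) && hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null;`. The method's signature appears only in the hunk header.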
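Review bot: In `EloquentUserProvider::retrieveByToken` (PATCH 2/4), the new assignment reads `$model` on its own right-hand side: `->where($model->getAuthIdentifierName(), $identifier)` is evaluated before `$model` has been assigned. The method call is therefore made on an undefined variable, and the lookup errors out instead of returning a user or null. PATCH 4/4 touches the same lines but leaves this as is. Keep the model instance in its own variable before building the query, e.g. `$model = $this->createModel();` followed by `$user = $model->newQuery()->where($model->getAuthIdentifierName(), $identifier)->first();`, and run the `hash_equals()` check on `$user`.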
From: Michael Cordingley
Date: Wed, 20 Sep 2017 21:38:58 -0400
Subject: [PATCH 3/4] Null-check the $user
---
 src/Illuminate/Auth/DatabaseUserProvider.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Illuminate/Auth/DatabaseUserProvider.php b/src/Illuminate/Auth/DatabaseUserProvider.php
index e131e4223da2..9fe12e55c8b8 100755
--- a/src/Illuminate/Auth/DatabaseUserProvider.php
+++ b/src/Illuminate/Auth/DatabaseUserProvider.php
@@ -72,7 +72,7 @@ public function retrieveByToken($identifier, $token)
 ->where('id', $identifier)
 ->first();

- return hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null;
+ return $user && hash_equals($user->remember_token, $token) ? $this->getGenericUser($user) : null;
 }

 /**
From 22471ae267f35311b0f2ff4fd7ba4cbf32c3577d Mon Sep 17 00:00:00 2001
From: Michael Cordingley
Date: Thu, 21 Sep 2017 11:04:19 -0400
Subject: [PATCH 4/4] Remove trailing white-space.
---
 src/Illuminate/Auth/EloquentUserProvider.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Illuminate/Auth/EloquentUserProvider.php b/src/Illuminate/Auth/EloquentUserProvider.php
index a629661294ad..ac56a04c37f6 100755
--- a/src/Illuminate/Auth/EloquentUserProvider.php
+++ b/src/Illuminate/Auth/EloquentUserProvider.php
@@ -63,7 +63,7 @@ public function retrieveByToken($identifier, $token)
 $model = $this->createModel()->newQuery()
 ->where($model->getAuthIdentifierName(), $identifier)
 ->first();
-
+
 return $model && hash_equals($model->getRememberToken(), $token) ? $model : null;
 }