From 032113492c0992908fb62bd79c62219e58ffd621 Mon Sep 17 00:00:00 2001
From: Jeremy Dormitzer <jeremy.dormitzer@gmail.com>
Date: Mon, 14 Jan 2019 11:29:32 -0500
Subject: [PATCH] Add TODO

---
 src/Auth/HttpSignatureService.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/Auth/HttpSignatureService.php b/src/Auth/HttpSignatureService.php
index 8b8b345..6976c90 100644
--- a/src/Auth/HttpSignatureService.php
+++ b/src/Auth/HttpSignatureService.php
@@ -33,6 +33,7 @@ class HttpSignatureService
      */
     public function verify( Request $request, string $publicKey )
     {
+        // TODO fail verification if date is > 300 seconds ago to prevent replay attacks
         $params = array();
         $headers = $request->headers;
         if ( $headers->has( 'signature' ) ) {