This repository has been archived by the owner on Jan 6, 2023. It is now read-only.

Expire and cookie
binal-7span committed Sep 13, 2019
1 parent e1201c3 commit ad7ab8d
Showing 2 changed files with 4 additions and 9 deletions.
2 changes: 1 addition & 1 deletion src/endpoints/Auth.php
Expand Up @@ -92,7 +92,7 @@ public function startSession(Request $request, Response $response)
$expirationMinutes = get_directus_setting('auto_sign_out');
$expiry = new \DateTimeImmutable('now + '.$expirationMinutes.'minutes');
$cookie = new Cookies();
$cookie->set('access_token',['value' => $token,'expires' =>$expiry->format(\DateTime::COOKIE),'httponly' => true]);
$cookie->set('access_token',['value' => $token,'expires' =>$expiry->format(\DateTime::COOKIE),'path'=>'/','httponly' => true]);
$response = $response->withAddedHeader('Set-Cookie',$cookie->toHeaders());
}
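Review bot: The `access_token` cookie built in `$cookie->set(...)` is still issued without `secure` or `samesite`, so the session token can travel over plain HTTP and is attached to cross-site requests. Because this commit also starts accepting that cookie as a credential in `get_request_authorization_token`, I would add `'secure' => true` (or derive it from the request scheme for HTTP-only development setups) and `'samesite' => 'Lax'` next to `'httponly' => true`. This assumes `Cookies` is the Slim HTTP cookie helper; whether `samesite` is honoured depends on its version, which is not visible here. It is also worth confirming that `auto_sign_out` is always numeric, since it is concatenated unchecked into the `DateTimeImmutable` string. `startSession` begins and ends outside this hunk.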

11 changes: 3 additions & 8 deletions src/helpers/all.php
Expand Up @@ -297,13 +297,9 @@ function get_request_authorization_token(Request $request)
if (is_string($authorizationHeader) && preg_match("/Bearer\s+(.*)$/i", $authorizationHeader, $matches)) {
$authToken = $matches[1];
}
} elseif ($request->hasHeader('Set-Cookie')) {
$authorizationHeader = $request->getHeader('Set-Cookie');
// If there's multiple Authorization header, pick first, ignore the rest
if (is_array($authorizationHeader)) {
$authorizationHeader = array_shift($authorizationHeader);
}

} elseif ($request->hasHeader('Cookie')) {
$authorizationHeader = $request->getCookieParam('access_token');

if (is_string($authorizationHeader)) {
$app = Application::getInstance();
$authService = $app->getContainer()->get('services')->get('auth');
Expand All @@ -312,7 +308,6 @@ function get_request_authorization_token(Request $request)
$authToken = isset($userSession['id']) ? $authToken : null;
}
}

return $authToken;
}
}
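Review bot: The new `Cookie` branch turns `access_token` into an ambient credential, and nothing in the visible lines checks the request origin or a CSRF token before the cookie value is accepted as the auth token. The lines between the two hunks are not shown, so a check may exist elsewhere; if it does not, routes with unsafe methods that authenticate through this path need one, and a comment such as `// Cookie auth is ambient: callers must enforce CSRF protection on unsafe methods` above the branch would record that requirement. On style, `$authorizationHeader` now holds a cookie value and would read better as `$cookieToken`. The `hasHeader('Cookie')` guard is likely redundant, assuming `getCookieParam('access_token')` returns null when the cookie is absent, which the `is_string` check would then reject.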
