Skip to content
Permalink
Browse files

Merge pull request #187 from merumelu/cookie-host

Replace occurences of $_SERVER['HTTP_HOST'] with Uri::getHost()
  • Loading branch information...
bojidar-bg committed Aug 13, 2019
2 parents 3e9062e + 1005d6e commit 3d8ee35a1e47675f53dba8d9d8333f2644b0565d
Showing with 12 additions and 8 deletions.
  1. +1 −1 src/middleware.php
  2. +11 −7 src/routes/auth.php
@@ -146,7 +146,7 @@
if (isset($result['token'])) {
$response = $this->cookies['responseCookies']->set($response, $this->cookies['setCookie']('token')
->withValue($result['token'])
->withDomain($_SERVER['HTTP_HOST'])
->withDomain($request->getUri()->getHost())
->withPath($request->getUri()->getBasePath())
->withHttpOnly(true)
);
@@ -27,12 +27,15 @@
'session' => base64_encode($id),
]);
$uri = $request->getUri();
$uri = $uri->withPath((FRONTEND ? $uri->getBasePath() : dirname($uri->getBasePath())) . '/login')
->withQuery('')
->withFragment(urlencode($token));
return $response->withJson([
'categories' => $query->fetchAll(),
'token' => $token,
'login_url' => $_SERVER['HTTP_HOST'] .
(FRONTEND ? dirname($request->getUri()->getBasePath()) : $request->getUri()->getBasePath()) .
'/login#' . urlencode($token),
'login_url' => (string) $uri,
// ^ TODO: Make those routes actually work
], 200);
} else {
@@ -208,17 +211,18 @@
return $response;
}
$reset_link = $request->getUri()->getScheme() . '://' . $_SERVER['HTTP_HOST'] .
(FRONTEND ? $request->getUri()->getBasePath() : dirname($request->getUri()->getBasePath())) .
'/reset_password?token=' . urlencode($token);
$reset_link = $request->getUri();
$base_path = (FRONTEND ? $reset_link->getBasePath() : dirname($reset_link->getBasePath()));
$reset_link = $reset_link->withPath($base_path . '/reset_password')
->withQuery('token=' . urlencode($token));
$mail = $this->mail->__invoke(); // Since its a function closure, we have to invoke it with magic methods
$mail->addAddress($user['email'], $user['username']);
$mail->isHTML(true);
$mail->Subject = "Password reset requested for $user[username]";
$mail->Body = $this->renderer->fetch('reset_password_email.phtml', [
'user' => $user,
'link' => $reset_link,
'link' => (string) $reset_link,
]);
$mail->AltBody = "Reset your ($user[username]'s) password: $reset_link\n";
if (!$mail->send()) {

0 comments on commit 3d8ee35

Please sign in to comment.
You can’t perform that action at this time.