Added support for setting a token path (used by cookies) on an AuthToken

locomotivemtl · Jan 24, 2020 · 6e42aa6 · 6e42aa6
1 parent b512a0e
commit 6e42aa6
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/src/Charcoal/User/AuthTokenCookieTrait.php b/src/Charcoal/User/AuthTokenCookieTrait.php
@@ -21,9 +21,10 @@ public function sendCookie()
         $name   = $metadata['tokenName'];
         $value  = $this['ident'].';'.$this['token'];
         $expiry = isset($this['expiry']) ? $this['expiry']->getTimestamp() : null;
+        $path   = $metadata['tokenPath'];
         $secure = $metadata['httpsOnly'];
 
-        return setcookie($name, $value, $expiry, '', '', $secure);
+        return setcookie($name, $value, $expiry, $path, '', $secure);
     }
 
     /**
@@ -39,9 +40,10 @@ public function deleteCookie()
 
         $name   = $metadata['tokenName'];
         $expiry = (time() - 1000);
+        $path   = $metadata['tokenPath'];
         $secure = $metadata['httpsOnly'];
 
-        return setcookie($name, '', $expiry, '', '', $secure);
+        return setcookie($name, '', $expiry, $path, '', $secure);
     }
 
     /**

diff --git a/src/Charcoal/User/AuthTokenMetadata.php b/src/Charcoal/User/AuthTokenMetadata.php
@@ -42,10 +42,11 @@ public function defaults()
         $parentDefaults = parent::defaults();
 
         $defaults = array_replace_recursive($parentDefaults, [
-            'enabled'         => true,
+            'enabled'        => true,
             'token_name'     => 'charcoal_user_login',
             'token_duration' => '15 days',
-            'https_only'      => false,
+            'token_path'     => '',
+            'https_only'     => false,
         ]);
         return $defaults;
     }