From 5be7db5bae04f660a36586ebb6a57297334037e2 Mon Sep 17 00:00:00 2001
From: Maurits van der Schee
Date: Thu, 3 Aug 2023 23:06:53 +0200
Subject: [PATCH] fix for #982
---
 api.include.php | 12 +++++++++---
 api.php | 12 +++++++++---
 src/Tqdev/PhpCrudApi/Middleware/WpAuthMiddleware.php | 7 ++++++-
 3 files changed, 24 insertions(+), 7 deletions(-)
diff --git a/api.include.php b/api.include.php
index fdf5dfc2..089890cc 100644
--- a/api.include.php
+++ b/api.include.php
@@ -3306,7 +3306,7 @@ public function fromGlobals(): ServerRequestInterface
 /**
 * {@inheritdoc}
 */
- public function fromArrays(array $server, array $headers = [], array $cookie = [], array $get = [], /*?array*/ $post = null, array $files = [], $body = null): ServerRequestInterface
+ public function fromArrays(array $server, array $headers = [], array $cookie = [], array $get = [], ?array $post = null, array $files = [], $body = null): ServerRequestInterface
 {
 $method = $this->getMethodFromEnv($server);
 $uri = $this->getUriFromEnvWithHTTP($server);
@@ -3575,7 +3575,8 @@ public function fromArrays(
 array $server,
 array $headers = [],
 array $cookie = [],
- array $get = [], /*?array*/ $post = null,
+ array $get = [],
+ ?array $post = null,
 array $files = [],
 $body = null
 ): ServerRequestInterface;
@@ -9987,6 +9988,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 'remember' => false,
 ]);
 if ($user->ID) {
+ unset($user['user_pass']);
 return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_FAILED, $username);
@@ -9994,13 +9996,17 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 if ($method == 'POST' && $path == 'logout') {
 if (is_user_logged_in()) {
 wp_logout();
+ $user = wp_get_current_user();
+ unset($user['user_pass']);
 return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
 }
 if ($method == 'GET' && $path == 'me') {
 if (is_user_logged_in()) {
- return $this->responder->success(wp_get_current_user());
+ $user = wp_get_current_user();
+ unset($user['user_pass']);
+ return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
 }
diff --git a/api.php b/api.php
index 0dd6ad4e..5dca13a5 100644
--- a/api.php
+++ b/api.php
@@ -3306,7 +3306,7 @@ public function fromGlobals(): ServerRequestInterface
 /**
 * {@inheritdoc}
 */
- public function fromArrays(array $server, array $headers = [], array $cookie = [], array $get = [], /*?array*/ $post = null, array $files = [], $body = null): ServerRequestInterface
+ public function fromArrays(array $server, array $headers = [], array $cookie = [], array $get = [], ?array $post = null, array $files = [], $body = null): ServerRequestInterface
 {
 $method = $this->getMethodFromEnv($server);
 $uri = $this->getUriFromEnvWithHTTP($server);
@@ -3575,7 +3575,8 @@ public function fromArrays(
 array $server,
 array $headers = [],
 array $cookie = [],
- array $get = [], /*?array*/ $post = null,
+ array $get = [],
+ ?array $post = null,
 array $files = [],
 $body = null
 ): ServerRequestInterface;
@@ -9987,6 +9988,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 'remember' => false,
 ]);
 if ($user->ID) {
+ unset($user['user_pass']);
 return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_FAILED, $username);
@@ -9994,13 +9996,17 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 if ($method == 'POST' && $path == 'logout') {
 if (is_user_logged_in()) {
 wp_logout();
+ $user = wp_get_current_user();
+ unset($user['user_pass']);
 return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
 }
 if ($method == 'GET' && $path == 'me') {
 if (is_user_logged_in()) {
- return $this->responder->success(wp_get_current_user());
+ $user = wp_get_current_user();
+ unset($user['user_pass']);
+ return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
 }
diff --git a/src/Tqdev/PhpCrudApi/Middleware/WpAuthMiddleware.php b/src/Tqdev/PhpCrudApi/Middleware/WpAuthMiddleware.php
index f8d12068..78483994 100644
--- a/src/Tqdev/PhpCrudApi/Middleware/WpAuthMiddleware.php
+++ b/src/Tqdev/PhpCrudApi/Middleware/WpAuthMiddleware.php
@@ -38,6 +38,7 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 'remember' => false,
 ]);
 if ($user->ID) {
+ unset($user['user_pass']);
 return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_FAILED, $username);
@@ -45,13 +46,17 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
 if ($method == 'POST' && $path == 'logout') {
 if (is_user_logged_in()) {
 wp_logout();
+ $user = wp_get_current_user();
+ unset($user['user_pass']);
 return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
 }
 if ($method == 'GET' && $path == 'me') {
 if (is_user_logged_in()) {
- return $this->responder->success(wp_get_current_user());
+ $user = wp_get_current_user();
+ unset($user['user_pass']);
+ return $this->responder->success($user);
 }
 return $this->responder->error(ErrorCode::AUTHENTICATION_REQUIRED, '');
 }
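Review bot: `unset($user['user_pass']);` after `if ($user->ID) {` in the `@@ -38,6 +38,7 @@` hunk of WpAuthMiddleware.php uses array-offset syntax on a value that the line above treats as an object. wp_signon() and wp_get_current_user() return a WP_User, which as far as I know does not implement ArrayAccess, so this would raise a fatal "Cannot use object of type WP_User as array" error instead of stripping the password hash, and the login response would fail. The database columns sit on the object's public `data` property, so the removal would be `unset($user->data->user_pass);`. The same line is repeated in the `logout` and `me` branches of the next hunk and in the matching hunks of api.php and api.include.php, which look like bundled copies of this file. process() starts and ends outside the hunk.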
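Review bot: Removing a single field is a denylist, so in the `logout` and `me` branches of the `@@ -45,13 +46,17 @@` hunk everything else on the WP_User object is still serialized by `$this->responder->success($user)`; with a stock WordPress users table that includes `user_activation_key`, `user_email` and the role and capability arrays. An explicit allowlist is safer and also avoids mutating the shared object returned by wp_get_current_user(), e.g. `return $this->responder->success(['ID' => $user->ID, 'user_login' => $user->user_login, 'display_name' => $user->display_name]);`. In the `logout` branch `wp_get_current_user()` is called after `wp_logout()`, so it presumably describes the anonymous user (ID 0); if clients expect the account that just logged out, read it before calling `wp_logout()`. A regression test that asserts the `me` and `login` responses contain no `user_pass` key would catch both problems.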