moved auth into subroute and make logout DELETE

This commit is contained in:
flash 2016-12-09 20:36:26 +01:00
parent d306f2f57d
commit d9e7c5616b
4 changed files with 32 additions and 39 deletions

View file

@ -6,6 +6,7 @@
namespace Sakura\Controllers;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\ActionCode;
use Sakura\Config;
use Sakura\CurrentSession;
@ -38,18 +39,16 @@ class AuthController extends Controller
/**
* End the current session.
* @return string
* @throws HttpMethodNotAllowedException
*/
public function logout(): string
public function logout(): void
{
if (!session_check()) {
return $this->json(['error' => 'Logout failed.']);
throw new HttpMethodNotAllowedException;
}
// Destroy the active session
CurrentSession::stop();
return $this->json(['error' => null]);
}
/**
@ -109,8 +108,8 @@ class AuthController extends Controller
);
$cookiePrefix = config('cookie.prefix');
setcookie("{$cookiePrefix}id", $user->id, time() + 604800);
setcookie("{$cookiePrefix}session", $session->key, time() + 604800);
setcookie("{$cookiePrefix}id", $user->id, time() + 604800, '/');
setcookie("{$cookiePrefix}session", $session->key, time() + 604800, '/');
$this->touchRateLimit($user->id, true);

View file

@ -138,7 +138,7 @@ class Router
* @param string $url
* @return string
*/
public static function handle(string $method, string $url): string
public static function handle(string $method, string $url): ?string
{
// Check if the dispatcher is defined
if (self::$dispatcher === null) {

View file

@ -127,34 +127,26 @@
confirm.AddCallback(Sakura.DialogueButton.Yes, function () {
var ajax = new Sakura.AJAX;
ajax.SetUrl("{{ route('auth.logout') }}");
ajax.Form();
ajax.SetSend({
"session": Sakura.Config.SessionId
});
ajax.SetUrl("{{ route('auth.logout') }}?session=" + Sakura.Config.SessionId);
ajax.AddCallback(200, function () {
var result = ajax.JSON();
window.location.reload();
});
ajax.AddCallback(403, function () {
confirm.Close();
if (result.error) {
var error = new Sakura.Dialogue;
error.Title = "Logout Error";
error.Text = result.error;
error.SetType(Sakura.DialogueType.Info);
var error = new Sakura.Dialogue;
error.Title = "Logout Error";
error.Text = "Logout failed.";
error.AddCallback(Sakura.DialogueButton.Ok, function () {
this.Close();
});
error.AddCallback(Sakura.DialogueButton.Ok, function () {
this.Close();
});
error.Display();
} else {
window.location.reload();
}
error.Display();
});
ajax.Start(Sakura.HTTPMethod.POST);
ajax.Start(Sakura.HTTPMethod.DELETE);
});
confirm.Display();

View file

@ -22,17 +22,6 @@ Router::group(['before' => 'maintenance'], function () {
Router::get('/', 'MetaController@index', 'main.index');
Router::get('/search', 'MetaController@search', 'main.search');
// Auth
Router::post('/login', 'AuthController@login', 'auth.login');
Router::post('/logout', 'AuthController@logout', 'auth.logout');
Router::get('/register', 'AuthController@register', 'auth.register');
Router::post('/register', 'AuthController@register', 'auth.register');
Router::get('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::post('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::get('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::post('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::get('/activate', 'AuthController@activate', 'auth.activate');
// Link compatibility layer, prolly remove this in like a year
Router::get('/r/{id}', function ($id) {
return redirect("/p/{$id}");
@ -64,6 +53,19 @@ Router::group(['before' => 'maintenance'], function () {
return redirect(substr($link, 0, 4) === 'http' ? $link : route($link));
});
// Auth
Router::group(['prefix' => 'auth'], function () {
Router::post('/login', 'AuthController@login', 'auth.login');
Router::delete('/logout', 'AuthController@logout', 'auth.logout');
Router::get('/register', 'AuthController@register', 'auth.register');
Router::post('/register', 'AuthController@register', 'auth.register');
Router::get('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::post('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::get('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::post('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::get('/activate', 'AuthController@activate', 'auth.activate');
});
// Info
Router::group(['prefix' => 'info'], function () {
Router::get('/terms', 'InfoController@terms', 'info.terms');