moved auth into subroute and make logout DELETE

This commit is contained in:
flash 2016-12-09 20:36:26 +01:00
parent d306f2f57d
commit d9e7c5616b
4 changed files with 32 additions and 39 deletions

View file

@ -6,6 +6,7 @@
namespace Sakura\Controllers; namespace Sakura\Controllers;
use Phroute\Phroute\Exception\HttpMethodNotAllowedException;
use Sakura\ActionCode; use Sakura\ActionCode;
use Sakura\Config; use Sakura\Config;
use Sakura\CurrentSession; use Sakura\CurrentSession;
@ -38,18 +39,16 @@ class AuthController extends Controller
/** /**
* End the current session. * End the current session.
* @return string * @throws HttpMethodNotAllowedException
*/ */
public function logout(): string public function logout(): void
{ {
if (!session_check()) { if (!session_check()) {
return $this->json(['error' => 'Logout failed.']); throw new HttpMethodNotAllowedException;
} }
// Destroy the active session // Destroy the active session
CurrentSession::stop(); CurrentSession::stop();
return $this->json(['error' => null]);
} }
/** /**
@ -109,8 +108,8 @@ class AuthController extends Controller
); );
$cookiePrefix = config('cookie.prefix'); $cookiePrefix = config('cookie.prefix');
setcookie("{$cookiePrefix}id", $user->id, time() + 604800); setcookie("{$cookiePrefix}id", $user->id, time() + 604800, '/');
setcookie("{$cookiePrefix}session", $session->key, time() + 604800); setcookie("{$cookiePrefix}session", $session->key, time() + 604800, '/');
$this->touchRateLimit($user->id, true); $this->touchRateLimit($user->id, true);

View file

@ -138,7 +138,7 @@ class Router
* @param string $url * @param string $url
* @return string * @return string
*/ */
public static function handle(string $method, string $url): string public static function handle(string $method, string $url): ?string
{ {
// Check if the dispatcher is defined // Check if the dispatcher is defined
if (self::$dispatcher === null) { if (self::$dispatcher === null) {

View file

@ -127,34 +127,26 @@
confirm.AddCallback(Sakura.DialogueButton.Yes, function () { confirm.AddCallback(Sakura.DialogueButton.Yes, function () {
var ajax = new Sakura.AJAX; var ajax = new Sakura.AJAX;
ajax.SetUrl("{{ route('auth.logout') }}?session=" + Sakura.Config.SessionId);
ajax.SetUrl("{{ route('auth.logout') }}");
ajax.Form();
ajax.SetSend({
"session": Sakura.Config.SessionId
});
ajax.AddCallback(200, function () { ajax.AddCallback(200, function () {
var result = ajax.JSON(); window.location.reload();
});
ajax.AddCallback(403, function () {
confirm.Close(); confirm.Close();
if (result.error) { var error = new Sakura.Dialogue;
var error = new Sakura.Dialogue; error.Title = "Logout Error";
error.Title = "Logout Error"; error.Text = "Logout failed.";
error.Text = result.error;
error.SetType(Sakura.DialogueType.Info);
error.AddCallback(Sakura.DialogueButton.Ok, function () { error.AddCallback(Sakura.DialogueButton.Ok, function () {
this.Close(); this.Close();
}); });
error.Display(); error.Display();
} else {
window.location.reload();
}
}); });
ajax.Start(Sakura.HTTPMethod.POST); ajax.Start(Sakura.HTTPMethod.DELETE);
}); });
confirm.Display(); confirm.Display();

View file

@ -22,17 +22,6 @@ Router::group(['before' => 'maintenance'], function () {
Router::get('/', 'MetaController@index', 'main.index'); Router::get('/', 'MetaController@index', 'main.index');
Router::get('/search', 'MetaController@search', 'main.search'); Router::get('/search', 'MetaController@search', 'main.search');
// Auth
Router::post('/login', 'AuthController@login', 'auth.login');
Router::post('/logout', 'AuthController@logout', 'auth.logout');
Router::get('/register', 'AuthController@register', 'auth.register');
Router::post('/register', 'AuthController@register', 'auth.register');
Router::get('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::post('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::get('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::post('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::get('/activate', 'AuthController@activate', 'auth.activate');
// Link compatibility layer, prolly remove this in like a year // Link compatibility layer, prolly remove this in like a year
Router::get('/r/{id}', function ($id) { Router::get('/r/{id}', function ($id) {
return redirect("/p/{$id}"); return redirect("/p/{$id}");
@ -64,6 +53,19 @@ Router::group(['before' => 'maintenance'], function () {
return redirect(substr($link, 0, 4) === 'http' ? $link : route($link)); return redirect(substr($link, 0, 4) === 'http' ? $link : route($link));
}); });
// Auth
Router::group(['prefix' => 'auth'], function () {
Router::post('/login', 'AuthController@login', 'auth.login');
Router::delete('/logout', 'AuthController@logout', 'auth.logout');
Router::get('/register', 'AuthController@register', 'auth.register');
Router::post('/register', 'AuthController@register', 'auth.register');
Router::get('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::post('/resetpassword', 'AuthController@resetPassword', 'auth.resetpassword');
Router::get('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::post('/reactivate', 'AuthController@reactivate', 'auth.reactivate');
Router::get('/activate', 'AuthController@activate', 'auth.activate');
});
// Info // Info
Router::group(['prefix' => 'info'], function () { Router::group(['prefix' => 'info'], function () {
Router::get('/terms', 'InfoController@terms', 'info.terms'); Router::get('/terms', 'InfoController@terms', 'info.terms');