Alamantus/Lexiconga
1
0
Fork 0
mirror of https://github.com/Alamantus/Lexiconga.git synced 2025-06-07 09:46:37 +02:00
Code Issues Releases Activity

Use cookies for storing tokens

Browse source
This commit is contained in:
Robbie Antenesse 2019-05-14 15:49:54 -06:00
parent f642519125
commit a4358a7658
2 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/php/api/User.php
View file

@ -24,9 +24,10 @@ class User {
} }
} else if (password_verify($password, $user['password'])) { } else if (password_verify($password, $user['password'])) {
$this->db->execute('UPDATE users SET last_login=' . time() . ' WHERE id=' . $user['id']); $this->db->execute('UPDATE users SET last_login=' . time() . ' WHERE id=' . $user['id']);
setcookie('token', $this->generateUserToken($user['id'], $user['current_dictionary']));
return array( return array(
'token' => $this->generateUserToken($user['id'], $user['current_dictionary']),
'user' => $this->getUserData($user['id']), 'user' => $this->getUserData($user['id']),
'dictionary' => $this->token->hash($user['current_dictionary']),
); );
} }
} }
@ -59,9 +60,10 @@ VALUES (?, ?, ?, ?, ?)';
if (isset($new_dictionary['error'])) { if (isset($new_dictionary['error'])) {
return $new_dictionary; return $new_dictionary;
} else { } else {
setcookie('token', $this->generateUserToken($new_user_id, $new_dictionary));
return array( return array(
'token' => $this->generateUserToken($new_user_id, $new_dictionary),
'user' => $this->getUserData($new_user_id), 'user' => $this->getUserData($new_user_id),
'dictionary' => $this->token->hash($new_dictionary),
); );
} }
} }
@ -95,7 +97,7 @@ VALUES (?, ?, ?, ?, ?)';
} }
public function getUserData ($user_id) { public function getUserData ($user_id) {
$query = 'SELECT * FROM users WHERE id=?'; $query = 'SELECT email, public_name, allow_emails FROM users WHERE id=?';
$stmt = $this->db->query($query, array($user_id)); $stmt = $this->db->query($query, array($user_id));
$user = $stmt->fetch(); $user = $stmt->fetch();
if ($stmt && $user) { if ($stmt && $user) {

2
src/php/api/index.php
View file

@ -6,7 +6,7 @@ $inputJSON = file_get_contents('php://input');
$request= json_decode($inputJSON, true); $request= json_decode($inputJSON, true);
$action = isset($request['action']) ? $request['action'] : ''; $action = isset($request['action']) ? $request['action'] : '';
$token = isset($request['token']) ? $request['token'] : false; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : false;
switch ($action) { switch ($action) {
case 'login': { case 'login': {