Improved the way we handle localhost cookies
This commit is contained in:
parent
1e86d5c429
commit
3a0f6639b3
|
@ -3,7 +3,6 @@
|
|||
global $utopia, $register, $response, $user, $audit, $project, $projectDB, $providers;
|
||||
|
||||
use Utopia\Exception;
|
||||
use Utopia\Response;
|
||||
use Utopia\Validator\Text;
|
||||
use Utopia\Validator\Email;
|
||||
use Utopia\Locale\Locale;
|
||||
|
@ -353,7 +352,7 @@ $utopia->delete('/v1/account')
|
|||
;
|
||||
|
||||
$response
|
||||
->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, Response::COOKIE_SAMESITE_NONE)
|
||||
->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE)
|
||||
->json(array('result' => 'success'));
|
||||
}
|
||||
);
|
||||
|
|
|
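Review bot: The new addCookie line carries the same domain / secure / httpOnly / SameSite tail that now appears at six other call sites (the register, login, OAuth redirect, logout and logout/:id hunks in the auth controller and the membership-status hunk in the teams controller), so the session-cookie policy lives in seven places and a change like this one has to touch every one of them. A small helper that takes only the cookie value and expiry and applies COOKIE_DOMAIN, the REQUEST_SCHEME-derived secure flag, httpOnly and COOKIE_SAMESITE internally would keep that decision in one place next to the constants it depends on, and the clearing calls could pass an empty value with `time() - 3600`. The enclosing route closure starts and ends outside the hunk.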
@ -3,7 +3,6 @@
|
|||
global $utopia, $register, $request, $response, $user, $audit, $webhook, $project, $domain, $projectDB, $providers, $clients;
|
||||
|
||||
use Utopia\Exception;
|
||||
use Utopia\Response;
|
||||
use Utopia\Validator\WhiteList;
|
||||
use Utopia\Validator\Text;
|
||||
use Utopia\Validator\Email;
|
||||
|
@ -176,7 +175,7 @@ $utopia->post('/v1/auth/register')
|
|||
;
|
||||
|
||||
$response
|
||||
->addCookie(Auth::$cookieName, Auth::encodeSession($user->getUid(), $loginSecret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, Response::COOKIE_SAMESITE_NONE);
|
||||
->addCookie(Auth::$cookieName, Auth::encodeSession($user->getUid(), $loginSecret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE);
|
||||
|
||||
if ($success) {
|
||||
$response->redirect($success);
|
||||
|
@ -374,7 +373,7 @@ $utopia->post('/v1/auth/login')
|
|||
;
|
||||
|
||||
$response
|
||||
->addCookie(Auth::$cookieName, Auth::encodeSession($profile->getUid(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, Response::COOKIE_SAMESITE_NONE);
|
||||
->addCookie(Auth::$cookieName, Auth::encodeSession($profile->getUid(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE);
|
||||
|
||||
if ($success) {
|
||||
$response->redirect($success);
|
||||
|
@ -609,7 +608,7 @@ $utopia->get('/v1/auth/login/oauth/:provider/redirect')
|
|||
;
|
||||
|
||||
$response
|
||||
->addCookie(Auth::$cookieName, Auth::encodeSession($user->getUid(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, Response::COOKIE_SAMESITE_NONE)
|
||||
->addCookie(Auth::$cookieName, Auth::encodeSession($user->getUid(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE)
|
||||
;
|
||||
|
||||
$response->redirect($state['success']);
|
||||
|
@ -642,7 +641,7 @@ $utopia->delete('/v1/auth/logout')
|
|||
$audit->setParam('event', 'auth.logout');
|
||||
|
||||
$response
|
||||
->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, Response::COOKIE_SAMESITE_NONE)
|
||||
->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE)
|
||||
->json(array('result' => 'success'))
|
||||
;
|
||||
}
|
||||
|
@ -672,7 +671,7 @@ $utopia->delete('/v1/auth/logout/:id')
|
|||
;
|
||||
|
||||
if ($token->getAttribute('secret') == Auth::hash(Auth::$secret)) { // If current session delete cookies
|
||||
$response->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, Response::COOKIE_SAMESITE_NONE);
|
||||
$response->addCookie(Auth::$cookieName, '', time() - 3600, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -592,7 +592,7 @@ $utopia->patch('/v1/teams/:teamId/memberships/:inviteId/status')
|
|||
->setParam('event', 'auth.join')
|
||||
;
|
||||
|
||||
$response->addCookie(Auth::$cookieName, Auth::encodeSession($user->getUid(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, Response::COOKIE_SAMESITE_NONE);
|
||||
$response->addCookie(Auth::$cookieName, Auth::encodeSession($user->getUid(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $request->getServer('REQUEST_SCHEME', 'https')), true, COOKIE_SAMESITE);
|
||||
|
||||
if ($success) {
|
||||
$response->redirect($success);
|
||||
|
|
11
app/init.php
11
app/init.php
|
@ -47,7 +47,12 @@ $port = (string) (isset($_SERVER['HTTP_HOST'])) ? parse_url($_SERVER['HTTP_HOST'
|
|||
|
||||
Resque::setBackend($redisHost.':'.$redisPort);
|
||||
|
||||
define('COOKIE_DOMAIN', ($request->getServer('HTTP_HOST', null) === 'localhost' || $request->getServer('HTTP_HOST', null) === 'localhost:'.$port) ? false : '.'.$request->getServer('HTTP_HOST', false));
|
||||
define('COOKIE_DOMAIN', (
|
||||
$request->getServer('HTTP_HOST', null) === 'localhost' ||
|
||||
$request->getServer('HTTP_HOST', null) === 'localhost:'.$port)
|
||||
? null
|
||||
: '.'.parse_url($request->getServer('HTTP_HOST', false), PHP_URL_HOST));
|
||||
define('COOKIE_SAMESITE', null); // Response::COOKIE_SAMESITE_NONE
|
||||
|
||||
/*
|
||||
* Registry
|
||||
|
@ -210,10 +215,10 @@ if (is_null($project->getUid()) || Database::SYSTEM_COLLECTION_PROJECTS !== $pro
|
|||
|
||||
$mode = $request->getParam('mode', $request->getHeader('X-Appwrite-Mode', 'default'));
|
||||
|
||||
Auth::setCookieName('a-session-'.$project->getUid());
|
||||
Auth::setCookieName('a_session_'.$project->getUid());
|
||||
|
||||
if (APP_MODE_ADMIN === $mode) {
|
||||
Auth::setCookieName('a-session-'.$console->getUid());
|
||||
Auth::setCookieName('a_session_'.$console->getUid());
|
||||
}
|
||||
|
||||
$session = Auth::decodeSession($request->getCookie(Auth::$cookieName, $request->getHeader('X-Appwrite-Key', '')));
|
||||
|
|
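Review bot: On the new COOKIE_DOMAIN definition, `parse_url($host, PHP_URL_HOST)` returns null for a bare hostname such as `example.com` (parse_url only recognises a host component when a scheme or a port is present, so a portless Host header parses as a path), which would make the constant the string `.` and browsers would discard the cookie; the removed line used the raw host and did not have that failure mode. Prefixing the authority form fixes both cases: `: '.'.parse_url('//'.$request->getServer('HTTP_HOST', ''), PHP_URL_HOST));`. The `define('COOKIE_SAMESITE', null)` line is unconditional, so it drops the SameSite attribute for every deployment rather than only localhost, and the trailing `// Response::COOKIE_SAMESITE_NONE` reads as a leftover rather than an explanation; if the motivation is that current browsers reject SameSite=None on a non-Secure cookie, it would be clearer to tie the value to the scheme the secure flag already checks and to say so in the comment, e.g. `// SameSite=None is only honoured together with Secure; omit it on plain-HTTP (localhost) origins`.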
2
public/dist/styles/default-ltr.css
vendored
2
public/dist/styles/default-ltr.css
vendored
File diff suppressed because one or more lines are too long
2
public/dist/styles/default-rtl.css
vendored
2
public/dist/styles/default-rtl.css
vendored
File diff suppressed because one or more lines are too long
|
@ -7,4 +7,9 @@ html.home {
|
|||
max-height: 35px;
|
||||
margin: 45px 25px 25px 25px;
|
||||
}
|
||||
|
||||
footer {
|
||||
background: transparent;
|
||||
text-align: center;
|
||||
}
|
||||
}
|
|
@ -59,7 +59,7 @@ class Auth
|
|||
/**
|
||||
* @var string
|
||||
*/
|
||||
public static $cookieName = 'a-session';
|
||||
public static $cookieName = 'a_session';
|
||||
|
||||
/**
|
||||
* User Unique ID.
|
||||
|
|
|
@ -55,12 +55,12 @@ class BaseConsole extends TestCase
|
|||
$this->assertEquals('http://localhost/success', $response['headers']['location']);
|
||||
$this->assertEquals("", $response['body']);
|
||||
|
||||
$session = $this->client->parseCookie($response['headers']['set-cookie'])['a-session-console'];
|
||||
$session = $this->client->parseCookie($response['headers']['set-cookie'])['a_session_console'];
|
||||
|
||||
$team = $this->client->call(Client::METHOD_POST, '/teams', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $session,
|
||||
'cookie' => 'a_session_console=' . $session,
|
||||
], [
|
||||
'name' => 'Demo Project Team',
|
||||
]);
|
||||
|
@ -72,7 +72,7 @@ class BaseConsole extends TestCase
|
|||
$project = $this->client->call(Client::METHOD_POST, '/projects', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $session,
|
||||
'cookie' => 'a_session_console=' . $session,
|
||||
], [
|
||||
'name' => 'Demo Project',
|
||||
'teamId' => $team['body']['$uid'],
|
||||
|
@ -93,7 +93,7 @@ class BaseConsole extends TestCase
|
|||
$key = $this->client->call(Client::METHOD_POST, '/projects/' . $project['body']['$uid'] . '/keys', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $session,
|
||||
'cookie' => 'a_session_console=' . $session,
|
||||
], [
|
||||
'name' => 'Demo Project Key',
|
||||
'scopes' => $scopes,
|
||||
|
@ -114,7 +114,7 @@ class BaseConsole extends TestCase
|
|||
'session' => $session,
|
||||
'projectUid' => $project['body']['$uid'],
|
||||
'projectAPIKeySecret' => $key['body']['secret'],
|
||||
'projectSession' => $this->client->parseCookie($user['headers']['set-cookie'])['a-session-' . $project['body']['$uid']],
|
||||
'projectSession' => $this->client->parseCookie($user['headers']['set-cookie'])['a_session_' . $project['body']['$uid']],
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -13,7 +13,7 @@ class ConsoleProjectsTest extends BaseConsole
|
|||
$this->assertEquals('http://localhost/success', $response['headers']['location']);
|
||||
$this->assertEquals("", $response['body']);
|
||||
|
||||
$session = $this->client->parseCookie($response['headers']['set-cookie'])['a-session-console'];
|
||||
$session = $this->client->parseCookie($response['headers']['set-cookie'])['a_session_console'];
|
||||
|
||||
return [
|
||||
'email' => $this->demoEmail,
|
||||
|
@ -30,7 +30,7 @@ class ConsoleProjectsTest extends BaseConsole
|
|||
$response = $this->client->call(Client::METHOD_GET, '/projects', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $data['session'],
|
||||
'cookie' => 'a_session_console=' . $data['session'],
|
||||
], []);
|
||||
|
||||
$this->assertEquals(200, $response['headers']['status-code']);
|
||||
|
@ -45,7 +45,7 @@ class ConsoleProjectsTest extends BaseConsole
|
|||
$team = $this->client->call(Client::METHOD_POST, '/teams', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $data['session'],
|
||||
'cookie' => 'a_session_console=' . $data['session'],
|
||||
], [
|
||||
'name' => 'Demo Project Team',
|
||||
]);
|
||||
|
@ -57,7 +57,7 @@ class ConsoleProjectsTest extends BaseConsole
|
|||
$response = $this->client->call(Client::METHOD_POST, '/projects', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $data['session'],
|
||||
'cookie' => 'a_session_console=' . $data['session'],
|
||||
], [
|
||||
'name' => 'Demo Project',
|
||||
'teamId' => $team['body']['$uid'],
|
||||
|
@ -88,7 +88,7 @@ class ConsoleProjectsTest extends BaseConsole
|
|||
$response = $this->client->call(Client::METHOD_POST, '/projects', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $data['session'],
|
||||
'cookie' => 'a_session_console=' . $data['session'],
|
||||
], array_merge($data['project'], [
|
||||
'name' => 'New Project Name',
|
||||
'description' => 'New Demo Project Description',
|
||||
|
|
|
@ -34,7 +34,7 @@ class ConsoleTest extends BaseConsole
|
|||
'failure' => 'http://localhost/failure',
|
||||
]);
|
||||
|
||||
$session = $this->client->parseCookie($response['headers']['set-cookie'])['a-session-console'];
|
||||
$session = $this->client->parseCookie($response['headers']['set-cookie'])['a_session_console'];
|
||||
|
||||
$this->assertEquals('http://localhost/success', $response['headers']['location']);
|
||||
$this->assertEquals("", $response['body']);
|
||||
|
@ -54,7 +54,7 @@ class ConsoleTest extends BaseConsole
|
|||
$response = $this->client->call(Client::METHOD_GET, '/account', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $data['session'],
|
||||
'cookie' => 'a_session_console=' . $data['session'],
|
||||
], []);
|
||||
|
||||
$this->assertEquals('Demo User', $response['body']['name']);
|
||||
|
@ -77,7 +77,7 @@ class ConsoleTest extends BaseConsole
|
|||
$response = $this->client->call(Client::METHOD_DELETE, '/auth/logout', [
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'cookie' => 'a-session-console=' . $data['session'],
|
||||
'cookie' => 'a_session_console=' . $data['session'],
|
||||
], []);
|
||||
|
||||
$this->assertEquals(200, $response['headers']['status-code']);
|
||||
|
|