
Added no caching on get oauth requests

This commit is contained in:
Eldad Fux 2020-04-08 14:21:41 +03:00
parent 9d6d6b24cc
commit 79560d5c7e
2 changed files with 13 additions and 4 deletions


@ -56,7 +56,7 @@ $utopia->init(function () use ($utopia, $request, $response, &$user, $project, $
$route = $utopia->match($request);
if(!empty($route->getLabel('sdk.platform', [])) && empty($project->getId())) {
throw new Exception('Missing project ID', 400);
throw new Exception('Missing or unknown project ID', 400);
}
$referrer = $request->getServer('HTTP_REFERER', '');


@ -275,7 +275,10 @@ $utopia->get('/v1/account/sessions/oauth2/:provider')
$oauth2 = new $classname($appId, $appSecret, $callback, ['success' => $success, 'failure' => $failure]);
$response->redirect($oauth2->getLoginURL());
$response
->addHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0')
->addHeader('Pragma', 'no-cache')
->redirect($oauth2->getLoginURL());
}
);
@ -292,8 +295,12 @@ $utopia->get('/v1/account/sessions/oauth2/callback/:provider/:projectId')
function ($projectId, $provider, $code, $state) use ($response) {
$domain = Config::getParam('domain');
$protocol = Config::getParam('protocol');
$response->redirect($protocol.'://'.$domain.'/v1/account/sessions/oauth2/'.$provider.'/redirect?'
.http_build_query(['project' => $projectId, 'code' => $code, 'state' => $state]));
$response
->addHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0')
->addHeader('Pragma', 'no-cache')
->redirect($protocol.'://'.$domain.'/v1/account/sessions/oauth2/'.$provider.'/redirect?'
.http_build_query(['project' => $projectId, 'code' => $code, 'state' => $state]));
}
);
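Review bot: In the callback handler the `$provider` route value is concatenated straight into the Location path while `code` and `state` are passed through `http_build_query`; unless the route's provider parameter validator (declared before this hunk) restricts it to the configured provider keys, a value containing path characters changes where the redirect points. Encoding the segment, `'/v1/account/sessions/oauth2/'.rawurlencode($provider).'/redirect?'`, or resolving `$provider` against the known provider list before building the URL, keeps the redirect shape fixed regardless of input. The same two `addHeader` lines now appear in three handlers in this file (here and in the hunks at `@ -275` and `@ -470`); a small helper or a shared hook for the `/v1/account/sessions/oauth2` routes would keep the no-store policy in one place and make it harder to forget on the next endpoint. The enclosing closure's parameter declarations start outside this hunk.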
@ -470,6 +477,8 @@ $utopia->get('/v1/account/sessions/oauth2/:provider/redirect')
}
$response
->addHeader('Cache-Control', 'no-store, no-cache, must-revalidate, max-age=0')
->addHeader('Pragma', 'no-cache')
->addCookie(Auth::$cookieName.'_legacy', Auth::encodeSession($user->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, null)
->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), $expiry, '/', COOKIE_DOMAIN, ('https' == $protocol), true, COOKIE_SAMESITE)
->redirect($state['success'])