mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-11-29 09:43:16 +00:00
Update DangerZone middleware to use session instead of cookie
This commit is contained in:
parent
336deae05b
commit
d90cfffa3f
2 changed files with 9 additions and 6 deletions
|
@ -291,9 +291,10 @@ class AccountController extends Controller
|
||||||
]);
|
]);
|
||||||
$user = Auth::user();
|
$user = Auth::user();
|
||||||
$password = $request->input('password');
|
$password = $request->input('password');
|
||||||
$next = $request->cookie('redirectNext') ?:'/';
|
$next = $request->session()->get('redirectNext', '/');
|
||||||
if(password_verify($password, $user->password) === true) {
|
if(password_verify($password, $user->password) === true) {
|
||||||
return redirect($next)->withCookie('sudoMode', time());
|
$request->session()->put('sudoMode', time());
|
||||||
|
return redirect($next);
|
||||||
}
|
}
|
||||||
return redirect($next);
|
return redirect($next);
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,11 +20,13 @@ class DangerZone
|
||||||
return redirect(route('login'));
|
return redirect(route('login'));
|
||||||
}
|
}
|
||||||
if(!$request->is('i/auth/sudo')) {
|
if(!$request->is('i/auth/sudo')) {
|
||||||
if( false == $request->cookie('sudoMode') ) {
|
if( !$request->session()->has('sudoMode') ) {
|
||||||
return redirect('/i/auth/sudo')->withCookie('redirectNext', $request->url());
|
$request->session()->put('redirectNext', $request->url());
|
||||||
|
return redirect('/i/auth/sudo');
|
||||||
}
|
}
|
||||||
if( $request->cookie('sudoMode') < Carbon::now()->subMinutes(30)->timestamp ) {
|
if( $request->session()->get('sudoMode') < Carbon::now()->subMinutes(30)->timestamp ) {
|
||||||
return redirect('/i/auth/sudo')->withCookie('redirectNext', $request->url());
|
$request->session()->put('redirectNext', $request->url());
|
||||||
|
return redirect('/i/auth/sudo');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return $next($request);
|
return $next($request);
|
||||||
|
|
Loading…
Reference in a new issue