mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-09-20 07:35:55 +08:00
Improved clear cookie handling
This commit is contained in:
parent
366ca05200
commit
d0fb4ee2f6
|
@ -182,18 +182,6 @@ trait UserAuth
|
|||
return $oAccount;
|
||||
}
|
||||
|
||||
private static function SetAccountCookie(string $sName, ?Account $oAccount)
|
||||
{
|
||||
if ($oAccount) {
|
||||
Cookies::set(
|
||||
$sName,
|
||||
\MailSo\Base\Utils::UrlSafeBase64Encode(\SnappyMail\Crypt::EncryptToJSON($oAccount))
|
||||
);
|
||||
} else {
|
||||
Cookies::clear($sName);
|
||||
}
|
||||
}
|
||||
|
||||
public function switchAccount(string $sEmail) : bool
|
||||
{
|
||||
$this->Http()->ServerNoCache();
|
||||
|
@ -337,13 +325,13 @@ trait UserAuth
|
|||
public function SetAuthToken(MainAccount $oAccount): void
|
||||
{
|
||||
$this->SetMainAuthAccount($oAccount);
|
||||
static::SetAccountCookie(self::AUTH_SPEC_TOKEN_KEY, $oAccount);
|
||||
Cookies::setSecure(self::AUTH_SPEC_TOKEN_KEY, $oAccount);
|
||||
}
|
||||
|
||||
public function SetAdditionalAuthToken(?AdditionalAccount $oAccount): void
|
||||
{
|
||||
$this->oAdditionalAuthAccount = $oAccount ?: false;
|
||||
static::SetAccountCookie(self::AUTH_ADDITIONAL_TOKEN_KEY, $oAccount);
|
||||
Cookies::setSecure(self::AUTH_ADDITIONAL_TOKEN_KEY, $oAccount);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -47,6 +47,18 @@ class Cookies
|
|||
: null;
|
||||
}
|
||||
|
||||
public static function setSecure(string $sName, $data): void
|
||||
{
|
||||
if (\is_null($data)) {
|
||||
static::clear($sName);
|
||||
} else {
|
||||
static::set(
|
||||
$sName,
|
||||
\MailSo\Base\Utils::UrlSafeBase64Encode(Crypt::EncryptToJSON($data))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
private static function _set(string $sName, string $sValue, int $iExpire, bool $httponly = true) : bool
|
||||
{
|
||||
$sPath = static::$DefaultPath;
|
||||
|
@ -134,5 +146,11 @@ class Cookies
|
|||
{
|
||||
static::init();
|
||||
static::_set($sName, '', 0);
|
||||
// Delete 4K split cookie parts
|
||||
foreach (\array_keys($_COOKIE) as $sCookieName) {
|
||||
if (\strtok($sCookieName, '~') === $sName) {
|
||||
static::_set($sCookieName, '', 0);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue