Commit 720522f6 authored by Mark Harding's avatar Mark Harding

(feat): save a canary cookie to all our canaries

No related merge requests found
Pipeline #73954125 canceled with stages
in 14 minutes and 21 seconds
......@@ -10,6 +10,7 @@ namespace Minds\Controllers\api\v1;
use Minds\Core;
use Minds\Core\Security;
use Minds\Core\Session;
use Minds\Core\Features;
use Minds\Core\Di\Di;
use Minds\Entities;
use Minds\Interfaces;
......@@ -99,6 +100,10 @@ class authenticate implements Interfaces\Api, Interfaces\ApiIgnorePam
Session::generateJWTCookie($sessions->getSession());
Security\XSRF::setCookie(true);
// Set the canary cookie
Di::_()->get('Features\Manager')
->setCanaryCookie($user->isCanary());
$response['status'] = 'success';
$response['user'] = $user->export();
......
......@@ -23,6 +23,11 @@ class canary implements Interfaces\Api
'message' => 'You are not logged in'
]);
}
// Refresh the canary cookie
Di::_()->get('Features\Manager')
->setCanaryCookie($user->isCanary());
return Factory::response([
'enabled' => (bool) $user->isCanary(),
]);
......@@ -51,6 +56,10 @@ class canary implements Interfaces\Api
],
'message' => $message,
]);
// Set the canary cookie
Di::_()->get('Features\Manager')
->setCanaryCookie($user->isCanary());
return Factory::response([]);
}
......
......@@ -17,5 +17,8 @@ class FeaturesProvider extends Provider
$this->di->bind('Features', function ($di) {
return new Manager();
}, [ 'useFactory'=> true ]);
$this->di->bind('Features\Manager', function ($di) {
return new Manager();
}, [ 'useFactory'=> true ]);
}
}
......@@ -9,6 +9,7 @@
namespace Minds\Core\Features;
use Minds\Core\Di\Di;
use Minds\Common\Cookie;
use Minds\Core\Session;
class Manager
......@@ -18,10 +19,14 @@ class Manager
/** @var Config $config */
private $config;
/** @var Cookie $cookie */
private $cookie;
public function __construct($config = null)
public function __construct($config = null, $cookie = null)
{
$this->config = $config ?: Di::_()->get('Config');
$this->cookie = $cookie ?: new Cookie;
}
/**
......@@ -65,4 +70,21 @@ class Manager
{
return $this->config->get('features') ?: [];
}
/**
* Set the canary cookie
* @param bool $enabled
* @return void
*/
public function setCanaryCookie(bool $enabled = true) : void
{
$this->cookie
->setName('canary')
->setValue((int) $enabled)
->setExpire(0)
->setSecure(true) //only via ssl
->setHttpOnly(true) //never by browser
->setPath('/')
->create();
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment