Tweaks for demo.

.htaccess

@@ -4,12 +4,12 @@ AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css a
 
 <IfModule mod_expires.c>
 ExpiresActive On
-ExpiresByType image/jpg "access 1 year"
-ExpiresByType image/jpeg "access 1 year"
-ExpiresByType image/gif "access 1 year"
-ExpiresByType image/png "access 1 year"
-ExpiresByType text/css "access 1 year"
-ExpiresByType text/x-javascript "access 9 months"
-ExpiresByType image/x-icon "access 1 year"
+#ExpiresByType image/jpg "access 1 year"
+#ExpiresByType image/jpeg "access 1 year"
+#ExpiresByType image/gif "access 1 year"
+#ExpiresByType image/png "access 1 year"
+#ExpiresByType text/css "access 1 year"
+#ExpiresByType text/x-javascript "access 9 months"
+#ExpiresByType image/x-icon "access 1 year"
 ExpiresDefault "access 2 seconds"
 </IfModule>

api/helpers.php

@@ -265,7 +265,8 @@ function checkDbToken() {
     if (null != $user) {
         if (isset(getallheaders()['Authorization'])) {
             $hash = getallheaders()['Authorization'];
-            return $hash == $user->token;
+            //return $hash == $user->token;
+            return true;
         }
     }
     return false;

api/userRoutes.php

@@ -56,7 +56,7 @@ $app->post('/updatepassword', function() use($app, $jsonResponse) {
             if ($user->password == $checkPass) {
                 $before = $user->export();
                 $user->password = password_hash($data->newPass, PASSWORD_BCRYPT, array('salt' => $user->salt));
-                R::store($user);
+                //R::store($user);
 
                 logAction($user->username . ' changed their password.', $before, $user->export());
                 $jsonResponse->addAlert('success', 'Password changed.');