reivilibre/TaskBoard
Archived
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases 2 Wiki Activity

Fix #68. Now possible to be logged in from many browsers.

Browse Source
This commit is contained in:
kiswa 2015-03-20 14:26:53 -04:00
parent c346026ee4
commit 96fe66fea4
2 changed files with 28 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
api/helpers.php
View File

@ -35,8 +35,14 @@ function setUserToken($user, $expires) {
'uid' => $user->id 'uid' => $user->id
), getJwtKey()); ), getJwtKey());
// Store the valid token in the user db $dbToken = R::dispense('token');
$user->token = $token; $dbToken->token = $token;
if (null == $user->ownToken) {
$user->ownToken = [];
}
$user->ownToken[] = $dbToken;
R::store($user); R::store($user);
} }
@ -215,7 +221,7 @@ function loadBoardData($board, $data) {
// Clean a user bean for return to front-end. // Clean a user bean for return to front-end.
function sanitize($user) { function sanitize($user) {
$user['salt'] = null; $user['salt'] = null;
$user['token'] = null; $user['ownToken'] = null;
$user['password'] = null; $user['password'] = null;
} }
@ -262,13 +268,21 @@ function validateToken($requireAdmin = false) {
// Retrieve user's token from DB and compare to header token. // Retrieve user's token from DB and compare to header token.
function checkDbToken() { function checkDbToken() {
$user = getUser(); $user = getUser();
$isValid = false;
if (null != $user) { if (null != $user) {
if (isset(getallheaders()['Authorization'])) { if (isset(getallheaders()['Authorization'])) {
$hash = getallheaders()['Authorization']; $hash = getallheaders()['Authorization'];
return $hash == $user->token;
foreach ($user->ownToken as $token) {
if ($hash == $token->token) {
$isValid = true;
} }
} }
return false; }
}
return $isValid;
} }
// Clear a user's token from the DB. // Clear a user's token from the DB.
@ -282,7 +296,14 @@ function clearDbToken() {
if (null != $payload) { if (null != $payload) {
$user = R::load('user', $payload->uid); $user = R::load('user', $payload->uid);
if (0 != $user->id) { if (0 != $user->id) {
$user->token = null; $hash = getallheaders()['Authorization'];
foreach ($user->ownToken as $token) {
if ($hash == $token->token) {
R::trash($token);
}
}
R::store($user); R::store($user);
} }
} }

2
api/userRoutes.php
View File

@ -26,7 +26,7 @@ $app->post('/login', function() use ($app, $jsonResponse) {
logAction($lookup->username . ' logged in.', null, null); logAction($lookup->username . ' logged in.', null, null);
$jsonResponse->message = 'Login successful.'; $jsonResponse->message = 'Login successful.';
$jsonResponse->data = $lookup->token; $jsonResponse->data = R::findOne('token', ' user_id = ? ORDER BY id DESC ', [$lookup->id])->token;
$app->response->setStatus(200); $app->response->setStatus(200);
} }
} }