Fixed a lot of responsive problems.
- Fixed auth problem - Fixed BBCode and Markdown apparition in some unnecessary parts
This commit is contained in:
@@ -64,6 +64,19 @@ class XenForoGuard implements Guard
|
||||
if ($this->hasUser())
|
||||
return $this->user;
|
||||
|
||||
$user = $this->getFromSession();
|
||||
if( $user )
|
||||
return $user;
|
||||
|
||||
$user = $this->getFromCookie();
|
||||
if( $user )
|
||||
return $user;
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private function getFromSession(): ?XenForoUser
|
||||
{
|
||||
$sessionId = $this->request->cookie('xf_session');
|
||||
if(!$sessionId)
|
||||
return null;
|
||||
@@ -92,6 +105,64 @@ class XenForoGuard implements Guard
|
||||
return $this->user = new XenForoUser($xfUser);
|
||||
}
|
||||
|
||||
private function isCorrectCookieKey(string $key, $record): bool
|
||||
{
|
||||
$known = $record->remember_key;
|
||||
if( !$known )
|
||||
return false;
|
||||
|
||||
$check = hash('sha256', $key, true);
|
||||
return hash_equals($known, $check);
|
||||
}
|
||||
|
||||
private function getFromCookie(): ?XenForoUser
|
||||
{
|
||||
$cookie = $this->request->cookie('xf_user');
|
||||
if(!$cookie)
|
||||
return null;
|
||||
|
||||
$parts = explode(',', $cookie);
|
||||
if( count( $parts ) !== 2 )
|
||||
return null;
|
||||
|
||||
[$userId, $key] = $parts;
|
||||
$userId = (int) $userId;
|
||||
|
||||
if( !$userId || !$key )
|
||||
return null;
|
||||
|
||||
$remembers = \DB::connection('xenforo')
|
||||
->table('user_remember')
|
||||
->where('user_id', $userId)
|
||||
->get();
|
||||
|
||||
if( !$remembers )
|
||||
return null;
|
||||
|
||||
$valid = false;
|
||||
|
||||
foreach( $remembers as $remember )
|
||||
{
|
||||
if( $this->isCorrectCookieKey($key, $remember) && $remember->expiry_date >= time() ){
|
||||
$valid = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if( !$valid )
|
||||
return null;
|
||||
|
||||
$xfUser = \DB::connection('xenforo')
|
||||
->table('user')
|
||||
->where('user_id', $userId)
|
||||
->first();
|
||||
|
||||
if(!$xfUser)
|
||||
return null;
|
||||
|
||||
return $this->user = new XenForoUser($xfUser);
|
||||
}
|
||||
|
||||
/**
|
||||
* Unused.
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user