

Strict cookie
star7th committed Oct 19, 2021
1 parent 7e6b547 commit 67093c8
Showing 1 changed file with 16 additions and 5 deletions.
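--- a/server/Application/Api/Controller/UserController.class.php
+++ b/server/Application/Api/Controller/UserController.class.php
@@ -42,8 +42,12 @@ public function register(){
 unset($ret['password']);
 session("login_user" , $ret );
 $token = D("UserToken")->createToken($ret['uid']);
-cookie('cookie_token',$token,array('expire'=>60*60*24*90,'httponly'=>'httponly'));//此处由服务端控制token是否过期,所以cookies过期时间设置多久都无所谓
-$this->sendResult(array(
+if(version_compare(PHP_VERSION,'7.3.0','>')){
+setcookie('cookie_token',$token,array('expires'=>time()+60*60*24*180,'httponly'=>'httponly','samesite' => 'Strict','path'=>'/'));
+}else{
+cookie('cookie_token',$token,array('expire'=>60*60*24*180,'httponly'=>'httponly'));
+}
+$this->sendResult(array(
 "uid" => $ret['uid'] ,
 "username" => $ret['username'] ,
 "name" => $ret['name'] ,
@@ -134,7 +138,11 @@ public function login(){
 session("login_user" , $ret );
 D("User")->setLastTime($ret['uid']);
 $token = D("UserToken")->createToken($ret['uid'],60*60*24*180);
-cookie('cookie_token',$token,array('expire'=>60*60*24*180,'httponly'=>'httponly'));//此处由服务端控制token是否过期,所以cookies过期时间设置多久都无所谓
+if(version_compare(PHP_VERSION,'7.3.0','>')){
+setcookie('cookie_token',$token,array('expires'=>time()+60*60*24*180,'httponly'=>'httponly','samesite' => 'Strict','path'=>'/'));
+}else{
+cookie('cookie_token',$token,array('expire'=>60*60*24*180,'httponly'=>'httponly'));
+}
 $this->sendResult(array(
 "uid" => $ret['uid'] ,
 "username" => $ret['username'] ,
@@ -247,8 +255,11 @@ public function registerByVerify(){
 unset($ret['password']);
 session("login_user" , $ret );
 $token = D("UserToken")->createToken($ret['uid']);
-cookie('cookie_token',$token,array('expire'=>60*60*24*90,'httponly'=>'httponly'));//此处由服务端控制token是否过期,所以cookies过期时间设置多久都无所谓
-
+if(version_compare(PHP_VERSION,'7.3.0','>')){
+setcookie('cookie_token',$token,array('expires'=>time()+60*60*24*180,'httponly'=>'httponly','samesite' => 'Strict','path'=>'/'));
+}else{
+cookie('cookie_token',$token,array('expire'=>60*60*24*180,'httponly'=>'httponly'));
+}
 $this->sendResult(array(
 "uid" => $ret['uid'] ,
 "username" => $ret['username'] ,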
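Review bot: The new `setcookie` call in `register()` (and the identical ones in `login()` and `registerByVerify()`) sets `httponly` and `samesite` but not `secure`, so the login token is still sent on plain-HTTP requests to the same host; consider adding `'secure'=>true` whenever the request arrived over HTTPS. The guard `version_compare(PHP_VERSION,'7.3.0','>')` also excludes PHP 7.3.0 itself, although the options-array form of `setcookie` is available from 7.3.0, so `'>='` looks intended. On older runtimes the `else` branch still issues the cookie with no SameSite attribute, which deserves a comment so operators know the cross-site protection depends on the PHP version. `'httponly'=>'httponly'` works only because the string is truthy; `'httponly'=>true` states the intent. The three copies could live in one private helper so the cookie attributes cannot drift apart; all three function bodies continue outside the hunks.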
