mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-12 15:34:26 +02:00
Code Issues Releases Wiki Activity

Make sure access/email/password tokens are valid

Browse Source
This commit is contained in:
Toby Zerner
2015-08-06 15:04:38 +09:30
parent 32648147e2
commit 3aebd458b0
7 changed files with 29 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Admin/Middleware/LoginWithCookieAndCheckAdmin.php
View File

@@ -27,7 +27,7 @@ class LoginWithCookieAndCheckAdmin implements MiddlewareInterface
public function __invoke(Request $request, Response $response, callable $out = null)
{
if (($token = array_get($request->getCookieParams(), 'flarum_remember')) &&
($accessToken = AccessToken::where('id', $token)->first()) &&
($accessToken = AccessToken::valid($token)) &&
$accessToken->user->isAdmin()
) {
$this->app->instance('flarum.actor', $accessToken->user);