mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-12 07:24:27 +02:00
Code Issues Releases Wiki Activity

Make sure access/email/password tokens are valid

Browse Source
This commit is contained in:
Toby Zerner
2015-08-06 15:04:38 +09:30
parent 32648147e2
commit 3aebd458b0
7 changed files with 29 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Api/Middleware/LoginWithHeader.php
View File

@@ -34,7 +34,7 @@ class LoginWithHeader implements MiddlewareInterface
$header = $request->getHeaderLine('authorization');
if (starts_with($header, $this->prefix) &&
($token = substr($header, strlen($this->prefix))) &&
($accessToken = AccessToken::where('id', $token)->first())
($accessToken = AccessToken::valid($token))
) {
$this->app->instance('flarum.actor', $user = $accessToken->user);