mirror of https://github.com/flarum/core.git synced 2025-10-14 16:34:26 +02:00

merges 5.5 and master into next-back

Daniël Klabbers
2017-12-14 01:00:16 +01:00
104 changed files with 1723 additions and 1828 deletions


@@ -16,10 +16,13 @@ use Flarum\Http\Controller\ControllerInterface;
use Flarum\Http\Exception\TokenMismatchException;
use Flarum\Http\Rememberer;
use Flarum\Http\SessionAuthenticator;
use Flarum\Http\UrlGenerator;
use Flarum\User\AssertPermissionTrait;
use Flarum\User\Event\LoggedOut;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Contracts\View\Factory;
use Psr\Http\Message\ServerRequestInterface as Request;
use Zend\Diactoros\Response\HtmlResponse;
use Zend\Diactoros\Response\RedirectResponse;
class LogOutController implements ControllerInterface
@@ -46,18 +49,38 @@ class LogOutController implements ControllerInterface
*/
protected $rememberer;
/**
* @var Factory
*/
protected $view;
/**
* @var UrlGenerator
*/
protected $url;
/**
* @param Application $app
* @param Dispatcher $events
* @param SessionAuthenticator $authenticator
* @param Rememberer $rememberer
* @param Factory $view
* @param UrlGenerator $url
*/
public function __construct(Application $app, Dispatcher $events, SessionAuthenticator $authenticator, Rememberer $rememberer)
{
public function __construct(
Application $app,
Dispatcher $events,
SessionAuthenticator $authenticator,
Rememberer $rememberer,
Factory $view,
UrlGenerator $url
) {
$this->app = $app;
$this->events = $events;
$this->authenticator = $authenticator;
$this->rememberer = $rememberer;
$this->view = $view;
$this->url = $url;
}
/**
@@ -68,17 +91,28 @@ class LogOutController implements ControllerInterface
public function handle(Request $request)
{
$session = $request->getAttribute('session');
if (array_get($request->getQueryParams(), 'token') !== $session->get('csrf_token')) {
throw new TokenMismatchException;
}
$actor = $request->getAttribute('actor');
$this->assertRegistered($actor);
$url = array_get($request->getQueryParams(), 'return', $this->app->url());
// If there is no user logged in, return to the index.
if ($actor->isGuest()) {
return new RedirectResponse($url);
}
// If a valid CSRF token hasn't been provided, show a view which will
// allow the user to press a button to complete the log out process.
$csrfToken = $session->get('csrf_token');
if (array_get($request->getQueryParams(), 'token') !== $csrfToken) {
$return = array_get($request->getQueryParams(), 'return');
$view = $this->view->make('flarum.forum::log-out')
->with('url', $this->url->toRoute('logout').'?token='.$csrfToken.($return ? '&return='.urlencode($return) : ''));
return new HtmlResponse($view->render());
}
$response = new RedirectResponse($url);
$this->authenticator->logOut($session);