Added improved session enforcing and redirection methods

2022-02-10 02:08:46 +01:00 · 2022-02-10 02:08:46 +01:00 · a3c0ac7ab6
parent f9540b9aab
commit a3c0ac7ab6
2 changed files with 26 additions and 4 deletions
--- a/web/src/base.php
+++ b/web/src/base.php
@ -40,8 +40,30 @@ function tpl_styles($styles) {
 }


-function cookie_redirect_app() {
-	// TODO: also check if cookie is valid to redirect
-	if (isset($_COOKIE['fedilove_session']))
+function session() {
+	if (!isset($_COOKIE['fedilove_session']))
+		return null;
+
+	require_once 'database.php';
+	$session = null;
+	if (isset($GLOBALS['db_session']))
+		$session = $GLOBALS['db_session'];
+	else {
+		$session = (new DB())->findOne('u__sessions',
+			['session' => $_COOKIE['fedilove_session']]);
+		$GLOBALS['db_session'] = $session;
+	}
+	if ($session !== null && strlen((string)$session->_id) > 0)
+		return $session;
+	return null;
+}
+
+function session_enforce($redirect = '/') {
+	if (session() === null)
+		redirect($redirect);
+}
+
+function if_session_redirect_app() {
+	if (session() !== null)
 		redirect(APP_DIR);
 }
--- a/web/src/public/login.php
+++ b/web/src/public/login.php
@ -1,5 +1,5 @@
 <?php require 'base.php' ?>
-<?php cookie_redirect_app() ?>
+<?php if_session_redirect_app() ?>
 <?php tpl('pub.header', [
 	'title' => ' s(login)',
 	'scripts' => ['http']