AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improve session handler and add Ajax session check

Browse Source
This commit is contained in:
Frédéric Guillot
2014-11-29 17:18:23 -05:00
parent 7d36747de6
commit e72327d4b1
10 changed files with 68 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/Controller/Base.php
View File

@@ -140,7 +140,7 @@ abstract class Base
public function beforeAction($controller, $action)
{
// Start the session
$this->session->open(BASE_URL_DIRECTORY, SESSION_SAVE_PATH);
$this->session->open(BASE_URL_DIRECTORY);
// HTTP secure headers
$this->response->csp(array('style-src' => "'self' 'unsafe-inline'"));
@@ -161,6 +161,11 @@ abstract class Base
// Authentication
if (! $this->authentication->isAuthenticated($controller, $action)) {
if ($this->request->isAjax()) {
$this->response->text('Not Authorized', 401);
}
$this->response->redirect('?controller=user&action=login&redirect_query='.urlencode($this->request->getQueryString()));
}