Skip to content

Commit

Permalink
Try to fix issue #38 again
Browse files Browse the repository at this point in the history
  • Loading branch information
@bohwaz
bohwaz committed Jun 6, 2024
1 parent e5d3e8d commit b1841a1
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions server/inc/API.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -186,20 +186,20 @@ public function requireAuth(?string $username = null): void
return;
}

if (empty($_COOKIE['sessionid']) && isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
$this->login();
$this->user = $_SESSION['user'];
return;
}

if (empty($_COOKIE['sessionid'])) {
$this->error(401, 'session cookie is required' . print_r([$_POST, $_SERVER], true));
$this->error(401, 'session cookie is required');
}

@session_start();

if (empty($_SESSION['user'])) {
$this->error(401, 'Invalid sessionid cookie');
$this->error(401, 'Expired sessionid cookie, and no Authorization header was provided');
}

if (!$this->db->firstColumn('SELECT 1 FROM users WHERE id = ?;', $_SESSION['user']->id)) {
Expand Down

0 comments on commit b1841a1

Please sign in to comment.