manual merge

Yuri Kuznetsov
2020-07-13 10:55:33 +03:00
4 changed files with 20 additions and 14 deletions


@@ -449,7 +449,7 @@ class Authentication
if ($authToken->get('secret')) {
$sentSecret = $request->getCookieParam('auth-token-secret');
if ($sentSecret === $authToken->get('secret')) {
setcookie('auth-token-secret', null, -1, '/');
$this->setSecretInCookie(null);
}
}
return true;
@@ -501,15 +501,21 @@ class Authentication
$this->entityManager->saveEntity($authLogRecord);
}
protected function setSecretInCookie(string $secret)
protected function setSecretInCookie(?string $secret)
{
if (!$secret) {
$time = -1;
} else {
$time = strtotime('+1000 days');
}
if (version_compare(\PHP_VERSION, '7.3.0') < 0) {
setcookie('auth-token-secret', $secret, strtotime('+1000 days'), '/', '', false, true);
setcookie('auth-token-secret', $secret, $time, '/', '', false, true);
return;
}
setcookie('auth-token-secret', $secret, [
'expires' => strtotime('+1000 days'),
'expires' => $time,
'path' => '/',
'httponly' => true,
'samesite' => 'Lax',
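Review bot: In `setSecretInCookie`, the pre-7.3 branch passes `false` for the `secure` argument and the visible part of the options array has no `'secure'` key, so the `auth-token-secret` cookie would also be sent over plain HTTP. Consider deriving the flag from the request scheme and passing it in both branches, e.g. `'secure' => $isSecure,` and `setcookie('auth-token-secret', $secret, $time, '/', '', $isSecure, true);`, where `$isSecure` is a placeholder for however the application detects HTTPS. The legacy branch also sets no SameSite attribute, so the protection differs by PHP version; a comment saying so would help the next reader. In the first hunk the secret is compared with `===`; `hash_equals()` is the constant-time choice for secrets, with a guard for a missing cookie since it only accepts strings. The options array continues past the end of the hunk, so a `secure` entry may exist below the visible lines.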


@@ -551,13 +551,13 @@ define(
setCookieAuth: function (username, token) {
var date = new Date();
date.setTime(date.getTime() + (1000 * 24*60*60*1000));
document.cookie = 'auth-username='+username+'; expires='+date.toGMTString()+'; path=/';
document.cookie = 'auth-token='+token+'; expires='+date.toGMTString()+'; path=/';
document.cookie = 'auth-username='+username+'; SameSite=Lax; expires='+date.toGMTString()+'; path=/';
document.cookie = 'auth-token='+token+'; SameSite=Lax; expires='+date.toGMTString()+'; path=/';
},
unsetCookieAuth: function () {
document.cookie = 'auth-username' + '=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/';
document.cookie = 'auth-token' + '=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/';
document.cookie = 'auth-username' + '=; SameSite=Lax; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/';
document.cookie = 'auth-token' + '=; SameSite=Lax; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/';
},
initUserData: function (options, callback) {
@@ -671,7 +671,7 @@ define(
if (self.auth) {
self.logout();
} else {
Espo.Ui.error(self.language.translate('Auth error'));
console.error('Error 401: Unauthorized.');
}
}
break;
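Review bot: `setCookieAuth` writes `auth-token` through `document.cookie` with `SameSite=Lax` but no `Secure` attribute, so on an HTTPS deployment the token can still be sent with a plain-HTTP request to the same host. Appending the attribute when the page is served over TLS would close that gap, e.g. `var secure = window.location.protocol === 'https:' ? '; Secure' : '';` added to each cookie string here and in `unsetCookieAuth`. `username` and `token` are concatenated unencoded, so a value containing `;` would be parsed as cookie attributes; `encodeURIComponent(username)` avoids this, provided the code that reads the cookie (outside these hunks) decodes it. Script-written cookies cannot be HttpOnly, so a comment noting that the HttpOnly `auth-token-secret` cookie appears to be the compensating control would make the design intent explicit.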


@@ -199,7 +199,7 @@ define('views/main', 'view', function (Dep) {
var type = false;
['actions', 'dropdown', 'buttons'].forEach(function (t) {
this.menu[t].forEach(function (item, i) {
(this.menu[t] || []).forEach(function (item, i) {
item = item || {};
if (item.name == name) {
index = i;
@@ -244,7 +244,7 @@ define('views/main', 'view', function (Dep) {
hideHeaderActionItem: function (name) {
['actions', 'dropdown', 'buttons'].forEach(function (t) {
this.menu[t].forEach(function (item, i) {
(this.menu[t] || []).forEach(function (item, i) {
item = item || {};
if (item.name == name) {
item.hidden = true;
@@ -260,7 +260,7 @@ define('views/main', 'view', function (Dep) {
showHeaderActionItem: function (name) {
['actions', 'dropdown', 'buttons'].forEach(function (t) {
this.menu[t].forEach(function (item, i) {
(this.menu[t] || []).forEach(function (item, i) {
item = item || {};
if (item.name == name) {
item.hidden = false;
@@ -276,7 +276,7 @@ define('views/main', 'view', function (Dep) {
hasMenuVisibleDropdownItems: function () {
var hasItems = false;
this.menu.dropdown.forEach(function (item) {
(this.menu.dropdown || []).forEach(function (item) {
if (!item.hidden) hasItems = true;
});
return hasItems;
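Review bot: The `|| []` fallback is repeated at four call sites (the lookup in the first hunk, `hideHeaderActionItem`, `showHeaderActionItem` and `hasMenuVisibleDropdownItems`) and only covers a missing list, not a missing `this.menu`. If these methods can run before `this.menu` is assigned, which is not visible in these hunks, they would still throw. A small accessor such as `getMenuList: function (t) { return (this.menu || {})[t] || []; }` would keep the guard in one place. The enclosing functions start and end outside the hunks shown.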


@@ -1,6 +1,6 @@
{
"name": "espocrm",
"version": "5.9.3",
"version": "5.9.4",
"description": "",
"main": "index.php",
"repository": {