forked from pterodactyl/panel
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathHandleStatelessRequest.php
More file actions
35 lines (29 loc) · 1021 Bytes
/
HandleStatelessRequest.php
File metadata and controls
35 lines (29 loc) · 1021 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<?php
namespace Pterodactyl\Http\Middleware\Api;
use Closure;
use Illuminate\Http\Request;
class HandleStatelessRequest
{
/**
* Ensure that the 'Set-Cookie' header is removed from the response if
* a bearer token is present and there is an api_key in the request attributes.
*
* This will also delete the session from the database automatically so that
* it is effectively treated as a stateless request. Any additional requests
* attempting to use that session will find no data.
*
* @return \Illuminate\Http\Response
*/
public function handle(Request $request, Closure $next)
{
/** @var \Illuminate\Http\Response $response */
$response = $next($request);
if (!is_null($request->bearerToken()) && $request->isJson()) {
$request->session()->getHandler()->destroy(
$request->session()->getId()
);
$response->headers->remove('Set-Cookie');
}
return $response;
}
}