Added Middleware to remove cookies on public routes

Julian Prieber 2023-12-14 23:19:28 +01:00
parent ce60ce8c17
commit 0d805c00cc
4 changed files with 41 additions and 6 deletions


@ -54,9 +54,11 @@ class Kernel extends HttpKernel
* @var array * @var array
*/ */
protected $routeMiddleware = [ protected $routeMiddleware = [
'disableCookies' => \App\Http\Middleware\DisableCookies::class,
'auth' => \App\Http\Middleware\Authenticate::class, 'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'homepage' => \App\Http\Middleware\Homepage::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
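Review bot: The `'homepage'` alias added alongside `'disableCookies'` points at `\App\Http\Middleware\Homepage`, but none of the four changed files adds that class or attaches the alias to a route. If the class is not already in the tree, the alias will fail to resolve the first time a route uses it; if it is, the line looks unrelated and would be better registered in the change that uses it. The `'disableCookies'` entry would also benefit from a comment stating its contract, for example `// Strips session/XSRF cookies; never attach to routes that render or accept forms.` The `$routeMiddleware` array continues outside this hunk.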


@ -0,0 +1,29 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Cookie;
use Illuminate\Http\Request;
class DisableCookies
{
public function handle(Request $request, Closure $next)
{
$cookiesAlreadySet = $request->hasCookie(strtolower(config('app.name')).'_session') || $request->hasCookie('XSRF-TOKEN');
if ($cookiesAlreadySet) {
return $next($request);
}
Cookie::queue(Cookie::forget(strtolower(config('app.name')).'_session'));
Cookie::queue(Cookie::forget('XSRF-TOKEN'));
config(['session.driver' => 'array']);
$response = $next($request);
$response->headers->remove('Set-Cookie');
return $response;
}
}
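Review bot: The session cookie name is rebuilt by hand as `strtolower(config('app.name')).'_session'` in both the `hasCookie` check and the `Cookie::forget` call, which matches the real cookie only when the app name has no spaces or punctuation and `session.cookie` has not been overridden. Read it once from configuration, `$sessionCookie = config('session.cookie');`, and use that value in both places. Separately, `$response->headers->remove('Set-Cookie')` drops every cookie on the response, and because this runs as route middleware it probably executes before the outer session, CSRF and queued-cookie middleware write theirs (including the two `Cookie::forget` entries queued here), so a feature test should assert that a cookieless request to a covered route returns no `Set-Cookie` header at all. `config(['session.driver' => 'array'])` changes process-wide configuration; under a long-lived worker that change could outlive the request and affect authenticated sessions, so confirm the deployment model or restore the previous value after `$next($request)`.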


@ -1,6 +1,8 @@
<?php <?php
use App\Http\Controllers\UserController; use App\Http\Controllers\UserController;
Route::middleware('disableCookies')->group(function () {
$host = request()->getHost(); $host = request()->getHost();
$customConfigs = config('advanced-config.custom_domains', []); $customConfigs = config('advanced-config.custom_domains', []);
@ -43,3 +45,5 @@ if (env('HOME_URL') != '') {
Route::get('/', [App\Http\Controllers\HomeController::class, 'home'])->name('home'); Route::get('/', [App\Http\Controllers\HomeController::class, 'home'])->name('home');
} }
} }
});


@ -68,13 +68,13 @@ Route::get('/panel/diagnose', function () {
//Public route //Public route
$custom_prefix = config('advanced-config.custom_url_prefix'); $custom_prefix = config('advanced-config.custom_url_prefix');
Route::get('/going/{id?}', [UserController::class, 'clickNumber'])->where('link', '.*')->name('clickNumber'); Route::get('/going/{id?}', [UserController::class, 'clickNumber'])->where('link', '.*')->name('clickNumber')->middleware('disableCookies');
Route::get('/info/{id?}', [AdminController::class, 'redirectInfo'])->name('redirectInfo'); Route::get('/info/{id?}', [AdminController::class, 'redirectInfo'])->name('redirectInfo');
if($custom_prefix != ""){Route::get('/' . $custom_prefix . '{littlelink}', [UserController::class, 'littlelink'])->name('littlelink');} if($custom_prefix != ""){Route::get('/' . $custom_prefix . '{littlelink}', [UserController::class, 'littlelink'])->name('littlelink');}
Route::get('/@{littlelink}', [UserController::class, 'littlelink'])->name('littlelink'); Route::get('/@{littlelink}', [UserController::class, 'littlelink'])->name('littlelink')->middleware('disableCookies');
Route::get('/pages/'.strtolower(footer('Terms')), [AdminController::class, 'pagesTerms'])->name('pagesTerms'); Route::get('/pages/'.strtolower(footer('Terms')), [AdminController::class, 'pagesTerms'])->name('pagesTerms')->middleware('disableCookies');
Route::get('/pages/'.strtolower(footer('Privacy')), [AdminController::class, 'pagesPrivacy'])->name('pagesPrivacy'); Route::get('/pages/'.strtolower(footer('Privacy')), [AdminController::class, 'pagesPrivacy'])->name('pagesPrivacy')->middleware('disableCookies');
Route::get('/pages/'.strtolower(footer('Contact')), [AdminController::class, 'pagesContact'])->name('pagesContact'); Route::get('/pages/'.strtolower(footer('Contact')), [AdminController::class, 'pagesContact'])->name('pagesContact')->middleware('disableCookies');
Route::get('/theme/@{littlelink}', [UserController::class, 'theme'])->name('theme'); Route::get('/theme/@{littlelink}', [UserController::class, 'theme'])->name('theme');
Route::get('/vcard/{id?}', [UserController::class, 'vcard'])->name('vcard'); Route::get('/vcard/{id?}', [UserController::class, 'vcard'])->name('vcard');
Route::get('/u/{id?}', [UserController::class, 'userRedirect'])->name('userRedirect'); Route::get('/u/{id?}', [UserController::class, 'userRedirect'])->name('userRedirect');
@ -82,7 +82,7 @@ Route::get('/u/{id?}', [UserController::class, 'userRedirect'])->name('userRedir
Route::get('/report', function () {return view('report');}); Route::get('/report', function () {return view('report');});
Route::post('/report', [UserController::class, 'report'])->name('report'); Route::post('/report', [UserController::class, 'report'])->name('report');
Route::get('/demo-page', [App\Http\Controllers\HomeController::class, 'demo'])->name('demo'); Route::get('/demo-page', [App\Http\Controllers\HomeController::class, 'demo'])->name('demo')->middleware('disableCookies');
} }
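Review bot: The custom-prefix route built from `'/' . $custom_prefix . '{littlelink}'` serves the same `littlelink` action as `/@{littlelink}` but does not get `->middleware('disableCookies')`, so the same public page is cookie-free or not depending on which URL form is used. `/theme/@{littlelink}`, `/vcard/{id?}`, `/u/{id?}` and `/info/{id?}` are also left out; if that is deliberate, a comment should say why. Collecting the cookie-free routes in one `Route::middleware('disableCookies')->group(function () { ... });`, as the other routes file in this commit does, would make the covered set explicit and harder to get wrong when routes are added. GET `/report` should stay outside that group, since its form posts to `/report`, which presumably sits behind CSRF verification and needs the session token.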