349b4629be
Also implemented more elegant solution to allowing session auth for API routes; A new 'StartSessionIfCookieExists' middleware, which wraps the default 'StartSession' middleware will run for API routes which only sets up the session if a session cookie is found on the request. Also decrypts only the session cookie. Also cleaned some TokenController codeclimate warnings. |
||
---|---|---|
.. | ||
ApiAuthenticate.php | ||
Authenticate.php | ||
CheckForMaintenanceMode.php | ||
ConfirmEmails.php | ||
EncryptCookies.php | ||
GlobalViewData.php | ||
Localization.php | ||
PermissionMiddleware.php | ||
RedirectIfAuthenticated.php | ||
StartSessionIfCookieExists.php | ||
TrimStrings.php | ||
TrustProxies.php | ||
VerifyCsrfToken.php |