summaryrefslogtreecommitdiff
path: root/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'controllers')
-rw-r--r--controllers/controllers.php7
1 files changed, 4 insertions, 3 deletions
diff --git a/controllers/controllers.php b/controllers/controllers.php
index fc8425c..b3e23a7 100644
--- a/controllers/controllers.php
+++ b/controllers/controllers.php
@@ -1,11 +1,10 @@
<?php
-use Firebase\JWT\JWT;
function require_login(&$app, $redirect=true) {
$params = $app->request()->params();
if(array_key_exists('token', $params)) {
try {
- $data = JWT::decode($params['token'], Config::$jwtSecret);
+ $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
$_SESSION['user_id'] = $data->user_id;
$_SESSION['me'] = $data->me;
} catch(DomainException $e) {
@@ -194,12 +193,14 @@ $app->get('/privacy', function() use($app) {
$app->get('/add-to-home', function() use($app) {
$params = $app->request()->params();
+ header("Cache-Control: no-cache, must-revalidate");
if(array_key_exists('token', $params) && !session('add-to-home-started')) {
+ unset($_SESSION['add-to-home-started']);
// Verify the token and sign the user in
try {
- $data = JWT::decode($params['token'], Config::$jwtSecret);
+ $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
$_SESSION['user_id'] = $data->user_id;
$_SESSION['me'] = $data->me;
$app->redirect('/new', 301);