Skip to content

Commit 7a47a10

Browse files
n0fbarryvdh
n0f
authored and
barryvdh
committed
Validate $recaller in MultiAuthCollector.php (barryvdh#638)
Fixed barryvdh#633 . Validate $recaller in MultiAuthCollector.php without the Recaller class. I modified it to work the same as when using the Recaller class.
1 parent 82be3f0 commit 7a47a10

File tree

1 file changed

+9
-6
lines changed

1 file changed

+9
-6
lines changed

src/DataCollector/MultiAuthCollector.php

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,10 @@
11
<?php
22

33
namespace Barryvdh\Debugbar\DataCollector;
4-
use Illuminate\Auth\Recaller;
4+
55
use Illuminate\Auth\SessionGuard;
66
use Illuminate\Contracts\Auth\Guard;
7+
use Illuminate\Support\Str;
78

89
/**
910
* Collector for Laravel's Auth provider
@@ -60,14 +61,16 @@ private function resolveUser(Guard $guard)
6061
// to prevent csrf token regeneration
6162

6263
$recaller = $guard instanceof SessionGuard
63-
? new Recaller($guard->getRequest()->cookies->get($guard->getRecallerName()))
64+
? $guard->getRequest()->cookies->get($guard->getRecallerName())
6465
: null;
6566

66-
if (!is_null($recaller) && $recaller->valid()) {
67-
return $guard->getProvider()->retrieveByToken($recaller->id(), $recaller->token());
68-
} else {
69-
return $guard->user();
67+
if (is_string($recaller) && Str::contains($recaller, '|')) {
68+
$segments = explode('|', $recaller);
69+
if (count($segments) == 2 && trim($segments[0]) !== '' && trim($segments[1]) !== '') {
70+
return $guard->getProvider()->retrieveByToken($segments[0], $segments[1]);
71+
}
7072
}
73+
return $guard->user();
7174
}
7275

7376
/**

0 commit comments

Comments
 (0)