Fixes for session invalidation

David Bomba 2025-01-21 16:42:50 +11:00
parent 0283fe9193
commit b96d69933a
5 changed files with 11 additions and 2 deletions


@ -36,6 +36,7 @@ class VendorContactLoginController extends Controller
Auth::guard('vendor')->logout();
request()->session()->invalidate();
request()->session()->regenerateToken();
return redirect('/vendors');
}


@ -104,6 +104,8 @@ class InvitationController extends Controller
if (request()->has('client_hash') && request()->input('client_hash') == $invitation->contact->client->client_hash) {
request()->session()->invalidate();
request()->session()->regenerateToken();
auth()->guard('contact')->loginUsingId($client_contact->id, true);
} elseif ((bool) $invitation->contact->client->getSetting('enable_client_portal_password') !== false) {
//if no contact password has been set - allow user to set password - then continue to view entity
@ -123,6 +125,7 @@ class InvitationController extends Controller
} else {
request()->session()->invalidate();
request()->session()->regenerateToken();
auth()->guard('contact')->loginUsingId($client_contact->id, true);
}
@ -263,6 +266,7 @@ class InvitationController extends Controller
}
request()->session()->invalidate();
request()->session()->regenerateToken();
auth()->guard('contact')->loginUsingId($contact->id, true);
return redirect()->route('client.payments.show', $payment->hashed_id);
@ -281,6 +285,7 @@ class InvitationController extends Controller
}
request()->session()->invalidate();
request()->session()->regenerateToken();
auth()->guard('contact')->loginUsingId($invitation->contact->id, true);
$invoice = $invitation->invoice->service()->removeUnpaidGatewayFees()->save();
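Review bot: The `client_hash` check at the top of the first hunk compares a request-supplied value with the stored secret using loose `==`, and the branch it guards reaches `loginUsingId(...)` ahead of the portal-password branch. Loose comparison is not constant-time and is subject to PHP type juggling, so a non-empty string check plus `hash_equals((string) $invitation->contact->client->client_hash, (string) request()->input('client_hash'))` would be the safer form. The same pattern appears on `vendor_hash` in the vendor InvitationController section. The enclosing methods start and end outside these hunks, so whether `client_hash` can be empty is not visible here.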


@ -59,9 +59,11 @@ class InvitationController extends Controller
if (request()->has('vendor_hash') && request()->input('vendor_hash') == $invitation->contact->vendor->vendor_hash) {
request()->session()->invalidate();
request()->session()->regenerateToken();
auth()->guard('vendor')->loginUsingId($vendor_contact->id, true);
} else {
request()->session()->invalidate();
request()->session()->regenerateToken();
auth()->guard('vendor')->loginUsingId($vendor_contact->id, true);
}
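Review bot: Both arms of the `if (request()->has('vendor_hash') && ...)` block are line-for-line identical here (invalidate, regenerate the token, `loginUsingId($vendor_contact->id, true)`), so the hash check decides nothing. If the check is not meant to gate the login, drop the conditional and keep one copy of the three lines. If it is meant to gate it, the `else` arm should not log the contact in without some other proof, and a one-line comment should say which proof that is. The method body continues outside the hunk, so any earlier validation of the invitation is not visible here.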


@ -58,6 +58,7 @@ class CheckClientExistence
if (count($multiple_contacts) == 1 && ! Auth::guard('contact')->check()) {
request()->session()->invalidate();
request()->session()->regenerateToken();
Auth::guard('contact')->loginUsingId($multiple_contacts[0]->id, true);
auth()->guard('contact')->user()->loadMissing(['client' => function ($query) {
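Review bot: `request()->session()->invalidate()` flushes the whole session store, not just the contact guard's state, so calling it inside this middleware also discards any other guard's login and any flashed or intended-URL data held in the same browser session. If that is the intent, say so above the call, e.g. `// drop all prior session state (every guard) before binding this session to the contact`. If only a fresh session ID and CSRF token are wanted, `request()->session()->regenerate()` keeps the data. The same applies to the `invalidate()` calls that precede `loginUsingId` in both InvitationController sections. The surrounding method is only partly visible in the hunk.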


@ -320,7 +320,7 @@ class Number
}
// 2025-01-21 - force cast to float so that we do not hit exception in number_format
$v = (float)rtrim(sprintf('%f', $value), '0');
$v = rtrim(sprintf('%f', $value), '0');
$parts = explode('.', $v);
//04-04-2023 if currency = JPY override precision to 0
@ -328,7 +328,7 @@ class Number
$precision = 0;
}
$value = number_format($v, $precision, $decimal, $thousand);//@phpstan-ignore-line
$value = number_format((float)$v, $precision, $decimal, $thousand);//@phpstan-ignore-line
$symbol = $currency->symbol;
if ($entity->getSetting('show_currency_code') === true && $currency->code == 'CHF') {
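Review bot: The dated comment `force cast to float so that we do not hit exception in number_format` sits above the `$v = rtrim(sprintf('%f', $value), '0');` assignment, but the cast now appears to happen at the `number_format((float)$v, ...)` call in the second hunk, so the comment describes the wrong line. This assumes the second line of each printed pair is the new side. Move the comment next to the call, or reword it to `// keep $v a string for explode(); it is cast to float at the number_format() call`. Separately, `%f` is locale-aware, so under a locale with a comma decimal separator `explode('.', $v)` would not split and the cast would truncate; `%F` avoids that. The function starts and ends outside both hunks.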