41 lines
1.2 KiB
PHP
41 lines
1.2 KiB
PHP
<?php
|
|
namespace Misuzu\Auth;
|
|
|
|
use DateTimeImmutable;
|
|
|
|
// is this the right way to do this?
|
|
final class AuthTokenCookie {
|
|
public static function domain(): string {
|
|
$url = parse_url($_SERVER['HTTP_HOST'], PHP_URL_HOST);
|
|
if(empty($url))
|
|
$url = $_SERVER['HTTP_HOST'];
|
|
|
|
if(!filter_var($url, FILTER_VALIDATE_IP))
|
|
$url = '.' . $url;
|
|
|
|
return $url;
|
|
}
|
|
|
|
public static function apply(string $packed): void {
|
|
$now = new DateTimeImmutable('now');
|
|
$threeMonths = $now->modify('+3 months');
|
|
|
|
header(sprintf(
|
|
'Set-Cookie: msz_auth=%s; Expires=%s; Max-Age=%d; Domain=%s; Path=/; SameSite=Lax; HttpOnly;%s',
|
|
$packed,
|
|
$threeMonths->format('D, d M Y H:i:s e'),
|
|
$threeMonths->getTimestamp() - $now->getTimestamp(),
|
|
self::domain(),
|
|
filter_has_var(INPUT_SERVER, 'HTTPS') ? ' Secure' : ''
|
|
));
|
|
}
|
|
|
|
public static function nuke(): void {
|
|
header(sprintf(
|
|
'Set-Cookie: msz_auth=; Expires=Wed, 31 Dec 1969 21:29:59 UTC; Max-Age=-9001; Domain=%s; Path=/; SameSite=Lax; HttpOnly;%s',
|
|
self::domain(),
|
|
filter_has_var(INPUT_SERVER, 'HTTPS') ? ' Secure' : ''
|
|
));
|
|
}
|
|
}
|