PriceyBot/PriceyBotPanel
Archived
5
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects 1 Releases 4 Wiki Activity

fix/headerauth-crash-missing-header #19

Merged
benjamyn merged 5 commits from fix/headerauth-crash-missing-header into master 2023-10-11 00:58:54 -04:00
Conversation 3 Commits 5 Files Changed 1 +4
benjamyn commented 2023-10-10 00:52:04 -04:00
Owner
Copy Link

Fixed crash with missing header relies on #18

Fixed crash with missing header relies on #18
benjamyn added 6 commits 2023-10-10 00:52:04 -04:00
benjamyn added a new dependency 2023-10-10 00:52:11 -04:00
#18 feat/user-reg-api
llama changed title from fix/headerauth-crash-missing-header to fix/headerauth-crash-missing-header 2023-10-10 01:14:35 -04:00
llama changed target branch from master to feat/user-reg-api 2023-10-10 01:14:35 -04:00
llama requested changes 2023-10-10 01:15:34 -04:00
app/Http/Middleware/HeaderAuth.php Outdated
@ -15,6 +15,10 @@ class HeaderAuth
*/
public function handle(Request $request, Closure $next): Response
{
if (is_null($request->header('X-BOTAUTH'))) {
llama commented 2023-10-10 01:15:31 -04:00
Owner

If do empty here instead of is_null

if (empty($request->header('X-BOTAUTH'))) {
If do empty here instead of is_null ``` if (empty($request->header('X-BOTAUTH'))) { ```
benjamyn added 2 commits 2023-10-10 01:35:57 -04:00
kdonaldson requested changes 2023-10-10 01:56:36 -04:00
app/Http/Middleware/HeaderAuth.php Outdated
@ -15,6 +15,10 @@ class HeaderAuth
*/
public function handle(Request $request, Closure $next): Response
{
if (empty($request->header('X-BOTAUTH'))) {
kdonaldson commented 2023-10-10 01:56:34 -04:00
Owner

->hasHeader(...) also works instead of having to do the empty check.

Alternatively you can do this:

$header = $request->header('X-BotAuth'); // Returns null when no value is found by default

if (! $header) {
    // return failure response
}

if (! hash_equals(config('bot.header_auth'), $header)) {
    // return failure response
}

return $next($request);

->header(...) has a second parameter that can be specified as a default value when header is not present.
Most of the time in Laravel when there's a "get" kind of function like this there's a secondary "default" parameter that defaults to null you can use, for example config(...), Arr::get(...), etc.

`->hasHeader(...)` also works instead of having to do the empty check. Alternatively you can do this: ```php $header = $request->header('X-BotAuth'); // Returns null when no value is found by default if (! $header) { // return failure response } if (! hash_equals(config('bot.header_auth'), $header)) { // return failure response } return $next($request); ``` `->header(...)` has a second parameter that can be specified as a default value when header is not present. Most of the time in Laravel when there's a "get" kind of function like this there's a secondary "default" parameter that defaults to null you can use, for example config(...), Arr::get(...), etc.
llama changed title from fix/headerauth-crash-missing-header to fix/headerauth-crash-missing-header 2023-10-10 03:19:28 -04:00
llama changed target branch from feat/user-reg-api to master 2023-10-10 03:19:28 -04:00
benjamyn added 1 commit 2023-10-10 22:54:39 -04:00
kdonaldson approved these changes 2023-10-11 00:34:53 -04:00
benjamyn added 1 commit 2023-10-11 00:56:50 -04:00
benjamyn removed a dependency 2023-10-11 00:58:14 -04:00
#18 feat/user-reg-api
benjamyn merged commit 84529c373d into master 2023-10-11 00:58:54 -04:00
benjamyn deleted branch fix/headerauth-crash-missing-header 2023-10-11 00:59:01 -04:00
This repo is archived. You cannot comment on pull requests.
Reviewers
No Reviewers
llama
kdonaldson
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
agoodlet balgie benjamyn kdonaldson llama
No Assignees
3 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: PriceyBot/PriceyBotPanel#19
No description provided.
Delete Branch "fix/headerauth-crash-missing-header"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?