-rw-r--r--views/authenticate.js7
-rw-r--r--views/user/authenticate.php8
2 files changed, 14 insertions, 1 deletions
diff --git a/views/authenticate.js b/views/authenticate.js
index 398794a..5b64ecd 100644
--- a/views/authenticate.js
+++ b/views/authenticate.js
@@ -28,7 +28,12 @@ function requestAuthentication() {
request.onreadystatechange = function() {
if (request.readyState < 4) return;
- authentication_response = (request.status == 200) ? request.responseText : "";
+ if (request.status == 200) {
+ authentication_response = request.responseText;
+ }
+ else if (request.status == 410) {
+ cookieStorage.removeItem('token');
+ }
}
request.open("POST", "/authenticate", true);
request.send(null);
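Review bot: Any status other than 200 now leaves `authentication_response` untouched, whereas the removed line reset it to `""` on every failure. In the new 410 branch the token is removed from `cookieStorage`, but a value stored by an earlier successful request would survive, and the same holds for every other error status. If other code reads that variable to decide whether the user is signed in (not visible in this hunk), the page could keep presenting an authenticated state after the server has rejected the token. Clearing it restores the old behaviour: add `authentication_response = "";` next to `cookieStorage.removeItem('token');` and a trailing `else { authentication_response = ""; }`. requestAuthentication() starts and ends outside the hunk.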
diff --git a/views/user/authenticate.php b/views/user/authenticate.php
index e4cf47e..ba0dd30 100644
--- a/views/user/authenticate.php
+++ b/views/user/authenticate.php
@@ -9,6 +9,14 @@ if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
}
try {
+ $token = Database\Cookie::fromDBtoken($TOKEN);
+ if (strtotime($token->Expires) < strtotime('now')) {
+ $token->delete();
+
+ http_response_code(410);
+ header('Content-Type: text/plain');
+ exit;
+ }
$user = Database\Cookie::fromDB($TOKEN);
http_response_code(200);