Commit 264cc512 authored by Taylor Otwell's avatar Taylor Otwell

fixed bug in auth cookie removal.

parent 2733e5ce
# Laravel Change Log # Laravel Change Log
## Version 2.1.0
- Fix: Authentication cookies are not deleted properly when custom domains or paths are used.
### Upgrading from 2.0.9
- Replace **laravel** directory.
## Version 2.0.9 ## Version 2.0.9
- Minor: Made "timestamps" method in Eloquent model protected instead of private. - Minor: Made "timestamps" method in Eloquent model protected instead of private.
......
...@@ -206,9 +206,16 @@ class Auth { ...@@ -206,9 +206,16 @@ class Auth {
static::$user = null; static::$user = null;
Cookie::forget(Auth::user_key); $config = Config::get('session');
extract($config, EXTR_SKIP);
// When forgetting the cookie, we need to also pass in the path and
// domain that would have been used when the cookie was originally
// set by the framework, otherwise it will not be deleted.
Cookie::forget(Auth::user_key, $path, $domain, $secure);
Cookie::forget(Auth::remember_key); Cookie::forget(Auth::remember_key, $path, $domain, $secure);
IoC::core('session')->forget(Auth::user_key); IoC::core('session')->forget(Auth::user_key);
} }
......
...@@ -128,11 +128,15 @@ class Cookie { ...@@ -128,11 +128,15 @@ class Cookie {
* Delete a cookie. * Delete a cookie.
* *
* @param string $name * @param string $name
* @param string $path
* @param string $domain
* @param bool $secure
* @param bool $http_only
* @return bool * @return bool
*/ */
public static function forget($name) public static function forget($name, $path = '/', $domain = null, $secure = false, $http_only = false)
{ {
return static::put($name, null, -2000); return static::put($name, null, -2000, $path, $domain, $secure, $http_only);
} }
} }
\ No newline at end of file
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
* Laravel - A PHP Framework For Web Artisans * Laravel - A PHP Framework For Web Artisans
* *
* @package Laravel * @package Laravel
* @version 2.0.9 * @version 2.1.0
* @author Taylor Otwell <taylorotwell@gmail.com> * @author Taylor Otwell <taylorotwell@gmail.com>
* @link http://laravel.com * @link http://laravel.com
*/ */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment