Strip out JWT usage and use cookies to track the currently logged in user

2018-07-14 22:42:58 -07:00 · 2018-07-14 22:42:58 -07:00 · 6336e5191f
commit 6336e5191f
parent a7fae86e58
9 changed files with 44 additions and 144 deletions
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@ -49,6 +49,7 @@ class Kernel extends HttpKernel
     */
    protected $middleware = [
        CheckForMaintenanceMode::class,
+        EncryptCookies::class,
        ValidatePostSize::class,
        TrimStrings::class,
        ConvertEmptyStringsToNull::class,
@ -62,7 +63,6 @@ class Kernel extends HttpKernel
     */
    protected $middlewareGroups = [
        'web' => [
-            EncryptCookies::class,
            AddQueuedCookiesToResponse::class,
            StartSession::class,
            AuthenticateSession::class,
@ -82,8 +82,10 @@ class Kernel extends HttpKernel
        ],
        'client-api' => [
            'throttle:240,1',
-            SubstituteClientApiBindings::class,
+            StartSession::class,
            SetSessionDriver::class,
+            AuthenticateSession::class,
+            SubstituteClientApiBindings::class,
            'api..key:' . ApiKey::TYPE_ACCOUNT,
            AuthenticateIPAccess::class,
        ],