From aeef45b3cd538529df8de34f60790ce308070c62 Mon Sep 17 00:00:00 2001
From: Sajjad Hashemian <wolaws@gmail.com>
Date: Wed, 21 Dec 2016 23:59:38 +0330
Subject: [PATCH] Add cookie factory

---
 src/Http/CookieFactory.php           | 63 ++++++++++++++++++++++++++++
 src/Http/Middleware/StartSession.php | 21 +++++++---
 src/Http/Rememberer.php              | 31 ++++++++------
 3 files changed, 98 insertions(+), 17 deletions(-)
 create mode 100644 src/Http/CookieFactory.php

diff --git a/src/Http/CookieFactory.php b/src/Http/CookieFactory.php
new file mode 100644
index 000000000..b92d79153
--- /dev/null
+++ b/src/Http/CookieFactory.php
@@ -0,0 +1,63 @@
+<?php
+
+/*
+ * This file is part of Flarum.
+ *
+ * (c) Toby Zerner <toby.zerner@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Flarum\Http;
+
+use Dflydev\FigCookies\SetCookie;
+use Flarum\Foundation\Application;
+
+class CookieFactory
+{
+    /**
+     * @var Application
+     */
+    protected $app;
+
+    /**
+     * @param Application $app
+     */
+    public function __construct(Application $app)
+    {
+        $this->app = $app;
+    }
+
+    /**
+     * make a new cookie instance.
+     *
+     * @param  string  $name
+     * @param  string  $value
+     * @param  int     $maxAge
+     * @param  string  $path
+     * @param  bool    $secure
+     * @param  bool    $httpOnly
+     * @param  string  $domain
+     * @return \Dflydev\FigCookies\SetCookie
+     */
+    public function make($name, $value = null, $maxAge = null, $path = null, $secure = null, $httpOnly = true, $domain = null)
+    {
+        $url = parse_url(rtrim($this->app->url(), '/'));
+
+        if ($path === null) {
+            $path = array_get($url, 'path') ?: '/';
+        }
+
+        if ($secure === null && array_get($url, 'scheme') === 'https') {
+            $secure = true;
+        }
+
+        return SetCookie::create($name, $value)
+            ->withMaxAge($maxAge)
+            ->withPath($path)
+            ->withSecure($secure)
+            ->withHttpOnly($httpOnly)
+            ->withDomain($domain);
+    }
+}
diff --git a/src/Http/Middleware/StartSession.php b/src/Http/Middleware/StartSession.php
index e4f42abc7..b34b552cc 100644
--- a/src/Http/Middleware/StartSession.php
+++ b/src/Http/Middleware/StartSession.php
@@ -12,7 +12,7 @@
 namespace Flarum\Http\Middleware;
 
 use Dflydev\FigCookies\FigResponseCookies;
-use Dflydev\FigCookies\SetCookie;
+use Flarum\Http\CookieFactory;
 use Illuminate\Support\Str;
 use Psr\Http\Message\ResponseInterface as Response;
 use Psr\Http\Message\ServerRequestInterface as Request;
@@ -22,6 +22,20 @@ use Zend\Stratigility\MiddlewareInterface;
 
 class StartSession implements MiddlewareInterface
 {
+    /**
+     * @var CookieFactory
+     */
+    protected $cookie;
+
+    /**
+     * Rememberer constructor.
+     * @param CookieFactoy $cookie
+     */
+    public function __construct(CookieFactory $cookie)
+    {
+        $this->cookie = $cookie;
+    }
+
     /**
      * {@inheritdoc}
      */
@@ -65,10 +79,7 @@ class StartSession implements MiddlewareInterface
     {
         return FigResponseCookies::set(
             $response,
-            SetCookie::create($session->getName(), $session->getId())
-                ->withPath('/')
-                ->withHttpOnly(true)
-                ->withSecure(true)
+            $this->cookie->make($session->getName(), $session->getId())
         );
     }
 }
diff --git a/src/Http/Rememberer.php b/src/Http/Rememberer.php
index 4d664b0eb..5ebdd8ad1 100644
--- a/src/Http/Rememberer.php
+++ b/src/Http/Rememberer.php
@@ -12,27 +12,41 @@
 namespace Flarum\Http;
 
 use Dflydev\FigCookies\FigResponseCookies;
-use Dflydev\FigCookies\SetCookie;
 use Psr\Http\Message\ResponseInterface;
 
 class Rememberer
 {
     protected $cookieName = 'flarum_remember';
 
+    /**
+     * @var CookieFactory
+     */
+    protected $cookie;
+
+    /**
+     * Rememberer constructor.
+     * @param CookieFactoy $cookie
+     */
+    public function __construct(CookieFactory $cookie)
+    {
+        $this->cookie = $cookie;
+    }
+
     public function remember(ResponseInterface $response, AccessToken $token, $session = false)
     {
-        $cookie = $this->createCookie()->withValue($token->id);
+        $lifetime = null;
 
         if (! $session) {
             $lifetime = 60 * 60 * 24 * 14;
 
             $token->lifetime = $lifetime;
             $token->save();
-
-            $cookie = $cookie->withMaxAge($lifetime);
         }
 
-        return FigResponseCookies::set($response, $cookie);
+        return FigResponseCookies::set(
+            $response,
+            $this->cookie->make($this->cookieName, $token->id, $lifetime)
+        );
     }
 
     public function rememberUser(ResponseInterface $response, $userId)
@@ -46,11 +60,4 @@ class Rememberer
     {
         return FigResponseCookies::expire($response, $this->cookieName);
     }
-
-    private function createCookie()
-    {
-        return SetCookie::create($this->cookieName)
-            ->withPath('/')
-            ->withHttpOnly(true);
-    }
 }