Problem: Frontend JS bundle used credentials:'same-origin' which dropped cookies on cross-domain requests. Login worked (200) but the subsequent /auth/me check returned 401, leaving the user stuck on the login screen. Fix: - AuthController now sets a dtp_jwt HttpOnly cookie on login/refresh - Cookie uses Domain=.fahrschultermin.de (shared between frontend and api subdomain), Secure, SameSite=Lax, Max-Age=8h - JwtMiddleware reads JWT from Authorization header OR cookie - Added AuthController::me() endpoint (was missing, caused 500) - Logout endpoint clears the cookie - Frontend index.php patches fetch() to use credentials:'include' for all /api/v1/* calls
28 lines
973 B
PHP
Executable File
28 lines
973 B
PHP
Executable File
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
$bootstrap = require __DIR__ . '/../app/bootstrap.php';
|
|
|
|
use App\Support\Database;
|
|
|
|
$db = Database::connection();
|
|
$migrations = glob(__DIR__ . '/../database/migrations/*.sql');
|
|
sort($migrations);
|
|
|
|
foreach ($migrations as $migration) {
|
|
$statements = array_filter(array_map('trim', explode(';', file_get_contents($migration))));
|
|
foreach ($statements as $statement) {
|
|
if (preg_match('/^ALTER\s+TABLE\s+([A-Za-z0-9_]+)\s+ADD\s+COLUMN\s+([A-Za-z0-9_]+)/i', $statement, $matches) === 1) {
|
|
$columns = $db->query('PRAGMA table_info(' . $matches[1] . ')')->fetchAll();
|
|
$columnNames = array_map(static fn (array $column): string => strtolower((string) $column['name']), $columns);
|
|
if (in_array(strtolower($matches[2]), $columnNames, true)) {
|
|
continue;
|
|
}
|
|
}
|
|
|
|
$db->exec($statement);
|
|
}
|
|
fwrite(STDOUT, "Applied: " . basename($migration) . PHP_EOL);
|
|
}
|