myron/jarvis
1
0
Fork 0
mirror of https://github.com/myronblair/jarvis synced 2026-06-30 17:50:23 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: inject token as JS global (no sessionStorage needed), skip bridge.php, direct login→app

Browse Source
This commit is contained in:
Myron Blair
2026-06-01 10:01:00 +00:00
parent 2af5c03f1a
commit e0fc31332c
3 changed files with 16 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
public_html/index.html
+8 -4
View File
@@ -959,14 +959,18 @@ window.addEventListener("load", () => {
initVoice();
loadVoices();
// Check if already logged in
const saved = sessionStorage.getItem('jarvis_token');
// Check if already logged in — prefer PHP-injected global, fall back to sessionStorage
const saved = (typeof __jarvisToken !== 'undefined' ? __jarvisToken : null)
|| sessionStorage.getItem('jarvis_token');
const savedUser = (typeof __jarvisUser !== 'undefined' ? __jarvisUser : null)
|| sessionStorage.getItem('jarvis_user') || '';
const autoReload = sessionStorage.getItem('jarvis_autoreload') === '1';
sessionStorage.removeItem('jarvis_autoreload');
if (saved) {
sessionToken = saved;
sessionUser = sessionStorage.getItem('jarvis_user') || '';
showApp(sessionUser, null, autoReload);
sessionUser = savedUser;
try { sessionStorage.setItem('jarvis_token', saved); sessionStorage.setItem('jarvis_user', savedUser); } catch(e) {}
showApp(savedUser, null, autoReload);
}
});
public_html/index.php
+7 -2
View File
@@ -9,6 +9,11 @@ if (empty($_SESSION['jarvis_token'])) {
$token = $_SESSION['jarvis_token'];
$name = $_SESSION['jarvis_name'] ?? '';
$html = file_get_contents(__DIR__ . '/index.html');
$inject = '<script>sessionStorage.setItem("jarvis_token",' . json_encode($token)
. ');sessionStorage.setItem("jarvis_user",' . json_encode($name) . ');</script>';
// Inject token as JS globals — no sessionStorage dependency at all
$inject = '<script data-cfasync="false">'
. 'var __jarvisToken=' . json_encode($token) . ';'
. 'var __jarvisUser=' . json_encode($name) . ';'
. 'try{sessionStorage.setItem("jarvis_token",__jarvisToken);'
. 'sessionStorage.setItem("jarvis_user",__jarvisUser);}catch(e){}'
. '</script>';
echo str_replace('<head>', '<head>' . $inject, $html);
public_html/login.php
+1 -1
View File
@@ -20,7 +20,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$_SESSION['jarvis_user_id'] = $user['id'];
$_SESSION['jarvis_name'] = $user['display_name'];
$pdo->prepare('UPDATE users SET last_seen=NOW() WHERE id=?')->execute([$user['id']]);
header('Location: /bridge.php');
header('Location: /');
exit;
}
$error = 'ACCESS DENIED';