mirror of
https://github.com/myronblair/jarvis
synced 2026-06-30 17:50:23 -05:00
fix: inject token as JS global (no sessionStorage needed), skip bridge.php, direct login→app
This commit is contained in:
@@ -9,6 +9,11 @@ if (empty($_SESSION['jarvis_token'])) {
|
||||
$token = $_SESSION['jarvis_token'];
|
||||
$name = $_SESSION['jarvis_name'] ?? '';
|
||||
$html = file_get_contents(__DIR__ . '/index.html');
|
||||
$inject = '<script>sessionStorage.setItem("jarvis_token",' . json_encode($token)
|
||||
. ');sessionStorage.setItem("jarvis_user",' . json_encode($name) . ');</script>';
|
||||
// Inject token as JS globals — no sessionStorage dependency at all
|
||||
$inject = '<script data-cfasync="false">'
|
||||
. 'var __jarvisToken=' . json_encode($token) . ';'
|
||||
. 'var __jarvisUser=' . json_encode($name) . ';'
|
||||
. 'try{sessionStorage.setItem("jarvis_token",__jarvisToken);'
|
||||
. 'sessionStorage.setItem("jarvis_user",__jarvisUser);}catch(e){}'
|
||||
. '</script>';
|
||||
echo str_replace('<head>', '<head>' . $inject, $html);
|
||||
|
||||
Reference in New Issue
Block a user