mirror of
https://github.com/myronblair/novacpx
synced 2026-06-30 17:50:41 -05:00
Fix auth/me returning nulls — auth endpoint was in public list
The auth endpoint was added to the public (no-auth) list so $currentUser was never set. The me action now calls Auth::check() itself so it validates the session cookie and returns the real user data. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -31,13 +31,16 @@ match ($action) {
|
|||||||
Response::success(null, 'Logged out');
|
Response::success(null, 'Logged out');
|
||||||
})(),
|
})(),
|
||||||
|
|
||||||
'me' => (function() use ($currentUser) {
|
'me' => (function() {
|
||||||
|
$auth = Auth::getInstance();
|
||||||
|
if (!$auth->check()) Response::error('Unauthorized', 401);
|
||||||
|
$u = $auth->user();
|
||||||
Response::success([
|
Response::success([
|
||||||
'id' => $currentUser['uid'],
|
'id' => $u['uid'] ?? $u['id'],
|
||||||
'username' => $currentUser['username'],
|
'username' => $u['username'],
|
||||||
'email' => $currentUser['email'],
|
'email' => $u['email'],
|
||||||
'role' => $currentUser['role'],
|
'role' => $u['role'],
|
||||||
'theme' => $currentUser['theme'],
|
'theme' => $u['theme'],
|
||||||
]);
|
]);
|
||||||
})(),
|
})(),
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user