
Commit e6f97c0

committed
switch from order as session to order as cookies; this is necessary so that sessions are not constantly reset for guest users
1 parent 266e01d commit e6f97c0


10 files changed

+70
-53
lines changed

10 files changed

+70
-53
lines changed

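--- a/app/Http/Controllers/Shop/BasketController.php
+++ b/app/Http/Controllers/Shop/BasketController.php
@@ -21,7 +21,7 @@
 use App\Models\User;
 use Illuminate\Routing\Controller;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Session;
+use Illuminate\Support\Facades\Cookie;
 
 class BasketController extends Controller
 {
@@ -115,7 +115,7 @@ public function delete(DeleteBasketRequest $request): void
 $this->basket_service->deleteBasket($basket);
 
 // Remove basket ID from session
-Session::forget(RequestAttribute::BASKET_ID_ATTRIBUTE);
+Cookie::queue(Cookie::forget(RequestAttribute::BASKET_ID_ATTRIBUTE));
 }
 
 /**
@@ -130,7 +130,7 @@ public function get(GetBasketRequest $request): OrderResource
 /** @var User|null $user */
 $user = Auth::user();
 $basket = $this->basket_service->getOrCreateBasket($request->basket(), $user);
-Session::put(RequestAttribute::BASKET_ID_ATTRIBUTE, $basket->id);
+Cookie::queue(RequestAttribute::BASKET_ID_ATTRIBUTE, $basket->id, config('session.lifetime'));
 
 return OrderResource::fromModel($basket);
 }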
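Review bot: The cookie queued in `get()` carries the raw `$basket->id`, so basket resolution now rests on a value the client holds and sends back rather than on server-side session state. `GetBasketRequest::processValidatedValues` and `HasBasketTrait::prepareBasket` hand whatever `Cookie::get` returns straight to `Order::find`, and the `integer` rule on that attribute is removed in this commit. That is sound only if these routes sit behind Laravel's cookie-encryption middleware, which is not visible here; if they do not, the `user_id` comparison in `prepareBasket` is the only barrier, and it should be confirmed to cover orders that belong to guests. The context comment in `delete()` is also stale and should read `// Remove basket ID cookie`.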

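--- a/app/Http/Requests/Basket/AddAlbumToBasketRequest.php
+++ b/app/Http/Requests/Basket/AddAlbumToBasketRequest.php
@@ -52,7 +52,7 @@ class AddAlbumToBasketRequest extends BaseBasketRequest
 */
 public function authorize(): bool
 {
-return true; // Anyone can add albums to the basket
+return $this->order !== null; // Anyone can add albums to the basket
 }
 
 /**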
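Review bot: The trailing comment on the new `authorize()` line, `// Anyone can add albums to the basket`, no longer matches the code, which now refuses the request when no basket was resolved. Something like `// Anyone may add albums, provided a basket was resolved for this request` would describe the check. The same `$this->order !== null` guard is added in AddPhotoToBasketRequest, where the comment above the return mentions only the photo/album check. Returning false from `authorize()` presumably surfaces as an authorization failure rather than a missing-basket error; if clients need to tell the two apart, that deserves a line in the method's docblock, which starts outside the hunk.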

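--- a/app/Http/Requests/Basket/AddPhotoToBasketRequest.php
+++ b/app/Http/Requests/Basket/AddPhotoToBasketRequest.php
@@ -53,7 +53,7 @@ class AddPhotoToBasketRequest extends BaseBasketRequest
 public function authorize(): bool
 {
 // Validate that the photo is in the specified album
-return $this->photo->albums()->where('id', $this->album_id)->exists();
+return $this->order !== null && $this->photo->albums()->where('id', $this->album_id)->exists();
 }
 
 /**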

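--- a/app/Http/Requests/Basket/GetBasketRequest.php
+++ b/app/Http/Requests/Basket/GetBasketRequest.php
@@ -14,7 +14,7 @@
 use App\Http\Requests\BaseApiRequest;
 use App\Models\Order;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Session;
+use Illuminate\Support\Facades\Cookie;
 
 class GetBasketRequest extends BaseApiRequest implements HasBasket
 {
@@ -35,15 +35,13 @@ public function authorize(): bool
 */
 public function rules(): array
 {
-return [
-RequestAttribute::BASKET_ID_ATTRIBUTE => ['nullable', 'integer'],
-];
+return [];
 }
 
 protected function processValidatedValues(array $values, array $files): void
 {
-// If there is a basket_id in the session, use it.
-$basket_id = Session::get(RequestAttribute::BASKET_ID_ATTRIBUTE, $values[RequestAttribute::BASKET_ID_ATTRIBUTE] ?? null);
+// If there is a basket_id in the cookie, use it.
+$basket_id = Cookie::get(RequestAttribute::BASKET_ID_ATTRIBUTE, $values[RequestAttribute::BASKET_ID_ATTRIBUTE] ?? null);
 if ($basket_id !== null) {
 $this->order = Order::find($basket_id);
 }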
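Review bot: With `rules()` now returning `[]`, the default passed to `Cookie::get` in `processValidatedValues`, `$values[RequestAttribute::BASKET_ID_ATTRIBUTE] ?? null`, presumably can never be anything but null, because no validated value with that key is produced any more. Dropping it makes the intent explicit and matches `HasBasketTrait::prepareBasket`: `$basket_id = Cookie::get(RequestAttribute::BASKET_ID_ATTRIBUTE);`. The removed `integer` rule is not replaced, so a short type check before `Order::find` would keep the old guarantee, for example `if (is_string($basket_id) && ctype_digit($basket_id)) {`. The method body continues past the end of the hunk.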

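--- a/app/Http/Requests/Traits/HasBasketTrait.php
+++ b/app/Http/Requests/Traits/HasBasketTrait.php
@@ -12,7 +12,7 @@
 use App\Enum\PaymentStatusType;
 use App\Models\Order;
 use Illuminate\Support\Facades\Auth;
-use Illuminate\Support\Facades\Session;
+use Illuminate\Support\Facades\Cookie;
 
 trait HasBasketTrait
 {
@@ -27,14 +27,14 @@ public function basket(): ?Order
 }
 
 /**
-* Resolve the basket from the session and prepare it for validation.
+* Resolve the basket from the cookie and prepare it for validation.
 *
 * @return void
 */
 protected function prepareBasket(): void
 {
-// If there is a basket_id in the session, use it.
-$basket_id = Session::get(RequestAttribute::BASKET_ID_ATTRIBUTE);
+// If there is a basket_id in the cookie, use it.
+$basket_id = Cookie::get(RequestAttribute::BASKET_ID_ATTRIBUTE);
 if ($basket_id !== null) {
 $this->order = Order::find($basket_id);
 }
@@ -48,7 +48,7 @@ protected function prepareBasket(): void
 $this->order->user_id !== $user_id
 ) {
 $this->order = null;
-Session::forget(RequestAttribute::BASKET_ID_ATTRIBUTE);
+Cookie::queue(Cookie::forget(RequestAttribute::BASKET_ID_ATTRIBUTE));
 }
 
 // If user is logged in, retrieve the current pending basket.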

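--- a/tests/Feature_v2/Base/BaseApiTest.php
+++ b/tests/Feature_v2/Base/BaseApiTest.php
@@ -46,7 +46,7 @@ abstract class BaseApiTest extends AbstractTestCase
 */
 public function getJsonWithData($uri, array $data = [], array $headers = [], $options = 0)
 {
-return $this->json('GET', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
+return $this->withCredentials()->json('GET', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
 }
 
 /**
@@ -60,7 +60,7 @@ public function getJsonWithData($uri, array $data = [], array $headers = [], $op
 */
 public function getJson($uri, array $headers = [], $options = 0)
 {
-return $this->json('GET', self::API_PREFIX . ltrim($uri, '/'), [], $headers, $options);
+return $this->withCredentials()->json('GET', self::API_PREFIX . ltrim($uri, '/'), [], $headers, $options);
 }
 
 /**
@@ -75,7 +75,7 @@ public function getJson($uri, array $headers = [], $options = 0)
 */
 public function postJson($uri, array $data = [], array $headers = [], $options = 0)
 {
-return $this->json('POST', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
+return $this->withCredentials()->json('POST', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
 }
 
 /**
@@ -132,7 +132,7 @@ public function upload(
 */
 public function patchJson($uri, array $data = [], array $headers = [], $options = 0)
 {
-return $this->json('PATCH', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
+return $this->withCredentials()->json('PATCH', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
 }
 
 /**
@@ -147,7 +147,7 @@ public function patchJson($uri, array $data = [], array $headers = [], $options
 */
 public function putJson($uri, array $data = [], array $headers = [], $options = 0)
 {
-return $this->json('PUT', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
+return $this->withCredentials()->json('PUT', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
 }
 
 /**
@@ -162,7 +162,7 @@ public function putJson($uri, array $data = [], array $headers = [], $options =
 */
 public function deleteJson($uri, array $data = [], array $headers = [], $options = 0)
 {
-return $this->json('DELETE', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
+return $this->withCredentials()->json('DELETE', self::API_PREFIX . ltrim($uri, '/'), $data, $headers, $options);
 }
 
 /**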
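Review bot: `withCredentials()` is repeated in all six request helpers; in Laravel's test harness it appears to set a flag on the test case, so a single call in `setUp()` would likely cover every helper and leave the wrappers as they were. If the per-call form is kept for explicitness, a comment on the first helper such as `// send cookies with JSON requests: the basket id now lives in a cookie` would explain why it is there. The sections shown here add no test that sends a basket cookie naming an order owned by someone else; such a case would pin down the ownership check in `HasBasketTrait::prepareBasket`.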
