diff --git a/app/Controllers/Auth.php b/app/Controllers/Auth.php
index 17a63a8..0ada4e5 100644
--- a/app/Controllers/Auth.php
+++ b/app/Controllers/Auth.php
@@ -121,13 +121,6 @@ class Auth extends Controller {
 // // 'secure' => $isSecure, // true for HTTPS, false for HTTP (localhost)
 // // 'httponly' => true, // dipakai agar cookie berikut tidak dapat diakses oleh javascript
 // // 'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
- // 'name' => 'token',
- // 'value' => '',
- // 'expire' => time() - 3600,
- // 'path' => '/',
- // 'secure' => true,
- // 'httponly' => true,
- // 'samesite' => Cookie::SAMESITE_NONE
 // ]);
@@ -195,17 +188,34 @@ class Auth extends Controller {
 } // ok
+ // public function logout() {
+ // // Definisikan ini pada cookies browser, harus sama dengan cookies login
+ // // $isSecure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
+ // return $this->response->setCookie([
+ // 'name' => 'token',
+ // 'value' => '',
+ // 'expire' => time() - 3600,
+ // 'path' => '/',
+ // 'secure' => $isSecure,
+ // 'httponly' => true,
+ // 'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
+
+ // ])->setJSON([
+ // 'status' => 'success',
+ // 'code' => 200,
+ // 'message' => 'Logout successful'
+ // ], 200);
+ // }
 public function logout() {
 // Definisikan ini pada cookies browser, harus sama dengan cookies login
- // $isSecure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
 return $this->response->setCookie([
 'name' => 'token',
 'value' => '',
 'expire' => time() - 3600,
 'path' => '/',
- 'secure' => $isSecure,
+ 'secure' => true,
 'httponly' => true,
- 'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
+ 'samesite' => Cookie::SAMESITE_NONE
 ])->setJSON([
 'status' => 'success',
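Review bot: The hard-coded `'secure' => true` and `'samesite' => Cookie::SAMESITE_NONE` in logout() only clear the `token` cookie when the request arrives over HTTPS, because browsers generally discard a Secure Set-Cookie from a plain-HTTP origin, yet the method would still answer 'Logout successful'. The comment above the call says the attributes must equal the login cookie's, but the login-side values are not visible in this diff, so confirm both now use the same fixed values and record it with a comment such as `// Secure + SameSite=None: mirrors the login cookie, HTTPS only; the token is sent cross-site, so state-changing routes need CSRF protection`. The commented-out copy of the previous logout() added directly above the method is dead code that version control already preserves and should be dropped. logout() continues past the end of the hunk, so whether the token is also invalidated server-side cannot be judged from here.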