From f334168f9082a10284ba8f9156e2ee9080c19e06 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BE=B7=E5=8D=8E=20=E5=88=98?= <christyjacob4@gmail.com>
Date: Wed, 13 Dec 2023 08:45:47 +0000
Subject: [PATCH] fix: remove expired cookie

---
 app/controllers/api/account.php | 12 ------------
 app/controllers/api/teams.php   |  2 --
 app/controllers/general.php     |  9 ---------
 3 files changed, 23 deletions(-)

diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index 76e6a81e9d0..c210b19f4fb 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -266,10 +266,6 @@
         $response
             ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
             ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            /** TODO: @christyjacob remove it after 1 month
-             * Temporarily expire the old cookie to stop the client from sending it */
-            ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, null)
             ->setStatusCode(Response::STATUS_CODE_CREATED)
         ;
 
@@ -790,8 +786,6 @@
             ->addHeader('Pragma', 'no-cache')
             ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
             ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, null)
             ->redirect($state['success'])
         ;
     });
@@ -1202,8 +1196,6 @@
         $response
             ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
             ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, null)
             ->setStatusCode(Response::STATUS_CODE_CREATED);
 
         $countryName = $locale->getText('countries.' . strtolower($session->getAttribute('countryCode')), $locale->getText('locale.country.unknown'));
@@ -1454,8 +1446,6 @@
         $response
             ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
             ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, null)
             ->setStatusCode(Response::STATUS_CODE_CREATED)
         ;
 
@@ -1593,8 +1583,6 @@
         $response
             ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
             ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, null)
             ->setStatusCode(Response::STATUS_CODE_CREATED)
         ;
 
diff --git a/app/controllers/api/teams.php b/app/controllers/api/teams.php
index f6942bf87f6..2ee351f469e 100644
--- a/app/controllers/api/teams.php
+++ b/app/controllers/api/teams.php
@@ -982,8 +982,6 @@
         $response
             ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, null)
             ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp(), '/', Config::getParam('cookieDomain'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName, Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, Config::getParam('cookieSamesite'))
-            ->addCookie(Auth::$cookieName . '_legacy', Auth::encodeSession($user->getId(), $secret), (new \DateTime($expire))->getTimestamp() - 3600, '/', Config::getParam('cookieDomainReset'), ('https' == $protocol), true, null)
         ;
 
         $response->dynamic(
diff --git a/app/controllers/general.php b/app/controllers/general.php
index 7d9f92c56a5..e443b96fc9a 100644
--- a/app/controllers/general.php
+++ b/app/controllers/general.php
@@ -370,15 +370,6 @@ function router(App $utopia, Database $dbForConsole, SwooleRequest $swooleReques
                 )
         );
 
-        /** TODO: @christyjacob remove it after 1 month
-         * Temporarily expire the old cookie to stop the client from sending it */
-        Config::setParam(
-            'cookieDomainReset',
-            $isLocalHost || $isIpAddress
-                ? null
-                : ($isConsoleProject ? '.' . $request->getHostname() : null)
-        );
-
         /*
         * Response format
         */