JSON-ms · dannycoulombe · Dec 31, 2025 · Dec 12, 2025 · Dec 12, 2025 · Dec 13, 2025
diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml
@@ -30,7 +30,7 @@ jobs:
           mkdir .compress
           mv archive.zip .compress/.
           cd .compress
-          echo "<?php ($$z=new ZipArchive)->open('archive.zip')===TRUE && $$z->extractTo('.') && $$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php
+          echo "<?php (\$z=new ZipArchive)->open('archive.zip')===TRUE && \$z->extractTo('.') && \$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php
           echo "INTERFACE_EDITOR_URL=https://dev.json.ms" > .env
           echo "ACCESS_CONTROL_ALLOW_ORIGIN=https://dev.json.ms" >> .env
           echo "JSONMS_CYPHER_KEY=${{ secrets.JSONMS_CYPHER_KEY }}" >> .env

diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml
@@ -1,4 +1,4 @@
-name: Deploy DEV to host
+name: Deploy PROD to host
 
 on:
   push:
@@ -30,13 +30,13 @@ jobs:
           mkdir .compress
           mv archive.zip .compress/.
           cd .compress
-          echo "<?php ($$z=new ZipArchive)->open('archive.zip')===TRUE && $$z->extractTo('.') && $$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php
-          echo "INTERFACE_EDITOR_URL=https://dev.json.ms" > .env
-          echo "ACCESS_CONTROL_ALLOW_ORIGIN=https://dev.json.ms" >> .env
+          echo "<?php (\$z=new ZipArchive)->open('archive.zip')===TRUE && \$z->extractTo('.') && \$z->close(); unlink('archive.zip'); unlink('update.php') ?>" > update.php
+          echo "INTERFACE_EDITOR_URL=https://json.ms" > .env
+          echo "ACCESS_CONTROL_ALLOW_ORIGIN=https://json.ms" >> .env
           echo "JSONMS_CYPHER_KEY=${{ secrets.JSONMS_CYPHER_KEY }}" >> .env
           echo "GOOGLE_OAUTH_CLIENT_ID=637442439591-qrrpb3v9d3n5m8b8gheorfa1fbi5o6qc.apps.googleusercontent.com" >> .env
           echo "GOOGLE_OAUTH_CLIENT_SECRET=${{ secrets.GOOGLE_OAUTH_CLIENT_SECRET }}" >> .env
-          echo "GOOGLE_OAUTH_CALLBACK_URL=https://server.dev.json.ms/google/callback" >> .env
+          echo "GOOGLE_OAUTH_CALLBACK_URL=https://server.json.ms/google/callback" >> .env
           echo "DATABASE_HOST=${{ secrets.DATABASE_HOST }}" >> .env
           echo "DATABASE_DBNAME=${{ secrets.DATABASE_PROD_DBNAME }}" >> .env
           echo "DATABASE_USERNAME=${{ secrets.DATABASE_USERNAME }}" >> .env

diff --git a/composer.json b/composer.json
@@ -1,5 +1,5 @@
 {
-  "version": "1.0.12",
+  "version": "1.0.13",
   "name": "jsonms/server",
   "description": "The JSON.ms Request Handler Server is a robust backend solution designed to manage and process all incoming requests from the main JSON.ms website.",
   "license": "BSD-3-Clause",

diff --git a/datatable.sql b/datatable.sql
@@ -75,7 +75,7 @@ DROP TABLE IF EXISTS `permissions`;
 CREATE TABLE `permissions` (
   `id` int NOT NULL AUTO_INCREMENT,
   `structure_uuid` char(36) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
-  `type` enum('admin','interface') COLLATE utf8mb4_unicode_ci NOT NULL,
+  `type` enum('admin','structure') COLLATE utf8mb4_unicode_ci NOT NULL,
   `email` varchar(255) COLLATE utf8mb4_unicode_ci NOT NULL,
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB AUTO_INCREMENT=57 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;

diff --git a/index.php b/index.php
@@ -1,5 +1,7 @@
 <?php
 
+ini_set('session.gc_maxlifetime', 60 * 60 * 24 * 30);
+session_set_cookie_params(60 * 60 * 24 * 30);
 session_start();
 
 error_reporting(E_ALL);
@@ -26,14 +28,6 @@
 header("Access-Control-Allow-Credentials: true");
 header('Content-Type: application/json');
 
-setcookie("PHPSESSID", session_id(), [
-    'expires' => time() + 60 * 60 * 24 * 30,
-    'path' => '/',
-    'domain' => '.' . $_SERVER['HTTP_HOST'],
-    'secure' => isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https',
-    'samesite' => 'None'
-]);
-
 // Respond with a 200 OK status for preflight requests
 if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
     http_response_code(200);

diff --git a/src/controllers/BaseController.php b/src/controllers/BaseController.php
@@ -90,6 +90,9 @@ public function getCurrentUserId() {
             }
             return null;
         }
+        if ($this->user == null) {
+            return null;
+        }
         return $this->user->id;
     }
 

diff --git a/src/controllers/SessionController.php b/src/controllers/SessionController.php
@@ -1,6 +1,7 @@
 <?php
 
 use JSONms\Controllers\RestfulController;
+use GuzzleHttp\Client as GuzzleClient;
 
 class SessionController extends RestfulController {
 
@@ -28,6 +29,29 @@ private function getEndpoints($userId) {
         return [];
     }
 
+    private function getLoginUrl() {
+
+        $httpClient = new GuzzleClient([
+            'timeout' => 3.0,
+            'connect_timeout' => 3.0,
+        ]);
+
+        try {
+            // Google Client Configuration
+            $client = new Google_Client();
+            $client->setHttpClient($httpClient);
+            $client->setClientId($_ENV['GOOGLE_OAUTH_CLIENT_ID']);
+            $client->setClientSecret($_ENV['GOOGLE_OAUTH_CLIENT_SECRET']);
+            $client->setRedirectUri($_ENV['GOOGLE_OAUTH_CALLBACK_URL']);
+            $client->addScope('email');
+            $client->addScope('profile');
+
+            return $client->createAuthUrl();
+        } catch(\Exception $e) {
+            throwError(500, $e->getMessage());
+        }
+    }
+
     public function indexAction() {
 
         $loggedIn = isset($_SESSION['access_token']) && $_SESSION['access_token'];
@@ -54,53 +78,11 @@ public function indexAction() {
                 // User exists, fetch data
                 $user = $stmt->fetch(PDO::FETCH_OBJ);
             } else {
-                // Google Client Configuration
-                $client = new Google_Client();
-                $client->setClientId($_ENV['GOOGLE_OAUTH_CLIENT_ID']);
-                $client->setClientSecret($_ENV['GOOGLE_OAUTH_CLIENT_SECRET']);
-                $client->setRedirectUri($_ENV['GOOGLE_OAUTH_CALLBACK_URL']);
-                $client->addScope('email');
-                $client->addScope('profile');
-                $loginUrl = $client->createAuthUrl();
+               $loginUrl = $this->getLoginUrl();
             }
         }
         else {
-            try {
-                // Google Client Configuration
-                $client = new Google_Client();
-                $client->setClientId($_ENV['GOOGLE_OAUTH_CLIENT_ID']);
-                $client->setClientSecret($_ENV['GOOGLE_OAUTH_CLIENT_SECRET']);
-                $client->setRedirectUri($_ENV['GOOGLE_OAUTH_CALLBACK_URL']);
-                $client->addScope('email');
-                $client->addScope('profile');
-                $loginUrl = $client->createAuthUrl();
-            } catch(\Exception $e) {
-                throwError(500, $e->getMessage());
-            }
-
-            try {
-                $oauth2 = new Google_Service_Oauth2($client);
-                $oauth2->userinfo->get();
-                $loggedIn = true;
-            } catch(\Exception $e) {
-                $this->responseJson([
-                    'error' => $e->getMessage(),
-                    'loggedIn' => false,
-                    'user' => $user,
-                    'googleOAuthSignInUrl' => $loginUrl,
-                    'structures' => $structures,
-                    'endpoints' => $endpoints,
-                ]);
-            }
-
-            // Check if user already exists
-            $stmt = $this->query('get-user-by-google-id', [
-                'id' => $this->getCurrentUserId(),
-            ]);
-
-            if ($stmt->rowCount() > 0) {
-                $user = $stmt->fetch(PDO::FETCH_OBJ);
-            }
+            $loginUrl = $this->getLoginUrl();
         }
 
         if ($loggedIn && isset($user)) {