Merge pull request #12 from Crowdhandler/fix/set-cookie-domain

Added methods to get and set the cookie domain

Author: carl-wells-crowdhandler

src/GateKeeper.php

@@ -24,6 +24,7 @@ class GateKeeper
     private $safetyNetSlug;
     private $debug = false;
     private $timer;
+    private $cookieDomain;
     private $ignoreRequest = false;
     public $token;
     public $ip='192.168.0.1';
@@ -51,6 +52,8 @@ public function __construct(Client $client, \Psr\Http\Message\ServerRequestInter
             $cookies = $_COOKIE;
         }
 
+        $this->setCookieDomain($server);
+
         if (isset($server['REQUEST_SCHEME'])){
             $this->ignoreRequest = strtolower($server['REQUEST_SCHEME']) != "https";
         }
@@ -247,13 +250,34 @@ public function getRedirectUrl()
         return $this->redirectUrl;
     }
 
+    /**
+     * Set Cookie domain based on server variables
+     * Removes www. if found to allow subdomains 
+     */
+    private function setCookieDomain($server)
+    {
+        $host = "";
+        if (array_key_exists('HTTP_HOST', $server)) {
+            $host = $server["HTTP_HOST"];
+            if(strpos($host, "www.") === 0) {
+                $host = substr($host, 4);
+            }
+        }
+        $this->cookieDomain = $host;
+    }
+
+    private function getCookieDomain()
+    {
+        return $this->cookieDomain;
+    }
+
     /**
      * Set CrowdHandler session cookie 
      */
     private function setCookie($cookie)
     {   
         if (!is_null($cookie)) {
-            setcookie(self::TOKEN_COOKIE, $cookie, 0, '/', '', $this->debug ? false: true);
+            setcookie(self::TOKEN_COOKIE, $cookie, 0, '/', $this->getCookieDomain(), $this->debug ? false: true);
             $this->debug('Setting cookie '.$cookie);
         }
     }