
feat: clear redir cookie after order/create is accessed by user

M1Screw 2 jaren geleden
bovenliggende
commit
054e677025

+ 1 - 1
resources/views/tabler/auth/login.tpl

@@ -87,7 +87,7 @@
                     if (data.ret === 1) {
                         $('#success-message').text(data.msg);
                         $('#success-dialog').modal('show');
-                        window.setTimeout("location.href='data.redir'", {$config['jump_delay']});
+                        window.setTimeout(location.href=data.redir, {$config['jump_delay']});
                     } else {
                         $('#fail-message').text(data.msg);
                         $('#fail-dialog').modal('show');
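Review bot: The added `window.setTimeout(location.href=data.redir, {$config['jump_delay']});` evaluates the assignment immediately, so the browser navigates before the success dialog can be read and `jump_delay` never applies; what setTimeout then receives as its first argument is the URL string, which it would treat as script text. Wrap the navigation in a function instead: `window.setTimeout(function () { location.href = data.redir; }, {$config['jump_delay']});`. `data.redir` appears to come from the client-held `redir` cookie written in src/Middleware/Auth.php in this commit, so it is worth confirming that the login handler only returns same-site relative paths; otherwise a tampered cookie could become an open redirect or a `javascript:` navigation. The same line is added in resources/views/tabler/auth/register.tpl and needs the same change. The success handler starts and ends outside the hunk.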

+ 1 - 1
resources/views/tabler/auth/register.tpl

@@ -154,7 +154,7 @@
                     if (data.ret === 1) {
                         $('#success-message').text(data.msg);
                         $('#success-dialog').modal('show');
-                        window.setTimeout("location.href='data.redir'", {$config['jump_delay']});
+                        window.setTimeout(location.href=data.redir, {$config['jump_delay']});
                     } else {
                         $('#fail-message').text(data.msg);
                         $('#fail-dialog').modal('show');

+ 6 - 1
src/Controllers/User/OrderController.php

@@ -9,6 +9,7 @@ use App\Models\Invoice;
 use App\Models\Order;
 use App\Models\Product;
 use App\Models\UserCoupon;
+use App\Utils\Cookie;
 use App\Utils\Tools;
 use Exception;
 use Psr\Http\Message\ResponseInterface;
@@ -56,13 +57,17 @@ final class OrderController extends BaseController
     {
         $antiXss = new AntiXSS();
         $product_id = $antiXss->xss_clean($request->getQueryParams()['product_id']) ?? null;
+        $redir = Cookie::get('redir');
+
+        if ($redir !== null) {
+            Cookie::set(['redir' => ''], time() - 1);
+        }
 
         if ($product_id === null || $product_id === '') {
             return $response->withRedirect('/user/product');
         }
 
         $product = Product::where('id', $product_id)->first();
-
         $product->content = json_decode($product->content);
 
         return $response->write(
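Review bot: `$product` is dereferenced on the line after `Product::where('id', $product_id)->first()` with no check for a missing row; if `first()` returns null for an unknown `product_id` (as an Eloquent-style query would), `$product->content` fails with an error instead of a clean redirect. This page is now also reached through the stored `redir` value after login, so a stale or hand-edited `product_id` is more likely to arrive here. A guard such as `if ($product === null) { return $response->withRedirect('/user/product'); }` before the `json_decode` line would mirror the existing empty-id branch. Separately, `$redir` is only used for the null test, so `if (Cookie::get('redir') !== null)` would avoid the extra local. The method body starts and ends outside the hunk.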

+ 2 - 1
src/Middleware/Auth.php

@@ -5,6 +5,7 @@ declare(strict_types=1);
 namespace App\Middleware;
 
 use App\Services\Auth as AuthService;
+use App\Utils\Cookie;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
 use Psr\Http\Server\MiddlewareInterface;
@@ -22,7 +23,7 @@ final class Auth implements MiddlewareInterface
 
         if (! $user->isLogin) {
             if (str_contains($path, '/user/order/create')) {
-                Utils\Cookie::set(['redir' => $path], 3600);
+                Cookie::set(['redir' => $path . '?' . $request->getUri()->getQuery()], time() + 3600);
             }
             return AppFactory::determineResponseFactory()->createResponse(302)->withHeader('Location', '/auth/login');
         }
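Review bot: The `redir` cookie value is built as `$path . '?' . $request->getUri()->getQuery()`, which leaves a dangling `?` when the request has no query string and stores caller-supplied query text verbatim in a cookie the client can also rewrite. Building it conditionally avoids the empty suffix: `$query = $request->getUri()->getQuery();` followed by `Cookie::set(['redir' => $query === '' ? $path : $path . '?' . $query], time() + 3600);`. The code that reads the cookie back is not in this diff; it should treat the value as untrusted and redirect only when it is a local path beginning with a single `/`. `str_contains($path, '/user/order/create')` also matches any path that merely contains that substring, so `$path === '/user/order/create'` or `str_starts_with` would be tighter if that is the intent. The method body starts outside the hunk.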