mirror of https://github.com/muety/wakapi.git synced 2023-08-10 21:12:56 +03:00

fix: make cookie path respect server.base_path (resolve #310)

Ferdinand Mütsch 2022-01-17 08:25:29 +01:00
parent 632a3d4a91
commit bd2a8c5a7f
5 changed files with 10 additions and 10 deletions


@ -151,12 +151,12 @@ type Config struct {
Mail mailConfig Mail mailConfig
} }
func (c *Config) CreateCookie(name, value, path string) *http.Cookie { func (c *Config) CreateCookie(name, value string) *http.Cookie {
return c.createCookie(name, value, path, c.Security.CookieMaxAgeSec) return c.createCookie(name, value, c.Server.BasePath, c.Security.CookieMaxAgeSec)
} }
func (c *Config) GetClearCookie(name, path string) *http.Cookie { func (c *Config) GetClearCookie(name string) *http.Cookie {
return c.createCookie(name, "", path, -1) return c.createCookie(name, "", c.Server.BasePath, -1)
} }
func (c *Config) createCookie(name, value, path string, maxAge int) *http.Cookie { func (c *Config) createCookie(name, value, path string, maxAge int) *http.Cookie {
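Review bot: An empty `c.Server.BasePath` would now reach `createCookie` as the cookie path from both `CreateCookie` and `GetClearCookie`, and the handlers' `"%s/summary"` URL format suggests the base path is empty for a root deployment. Go's `http.Cookie` omits the Path attribute when the field is empty, so the browser falls back to a default path derived from the request URL, and a clear-cookie sent from a deeper URL may then fail to match the cookie set at login. The body of `createCookie` is outside this hunk, so it may already normalise the value; if it does not, add a fallback there: `if path == "" { path = "/" }`. A doc comment on both exported methods, such as `// CreateCookie returns a cookie scoped to the configured server base path.`, would record the new contract.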


@ -72,7 +72,7 @@ func (m *AuthenticateMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Reques
w.WriteHeader(http.StatusUnauthorized) w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(conf.ErrUnauthorized)) w.Write([]byte(conf.ErrUnauthorized))
} else { } else {
http.SetCookie(w, m.config.GetClearCookie(models.AuthCookieKey, "/")) http.SetCookie(w, m.config.GetClearCookie(models.AuthCookieKey))
http.Redirect(w, r, m.redirectTarget, http.StatusFound) http.Redirect(w, r, m.redirectTarget, http.StatusFound)
} }
return return
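Review bot: Auth cookies issued before this change carry `Path=/`, and the clear-cookie built by `GetClearCookie(models.AuthCookieKey)` now names the base path instead, so on a deployment with a non-root base path it no longer matches them. Browsers treat cookies with the same name but different paths as distinct, so the old cookie stays in the jar and keeps being sent until it expires; the same applies to the calls in `PostLogout` and `actionDeleteUser`. If the old cookie value is still accepted server-side, a user who logs out or deletes their account right after the upgrade could remain authenticated. Consider also sending a second expiring Set-Cookie for path `/` when the base path differs, with a comment like `// also expire the pre-2.0.2 cookie that was set with Path=/`. `ServeHTTP` starts and ends outside this hunk.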


@ -98,7 +98,7 @@ func (h *LoginHandler) PostLogin(w http.ResponseWriter, r *http.Request) {
user.LastLoggedInAt = models.CustomTime(time.Now()) user.LastLoggedInAt = models.CustomTime(time.Now())
h.userSrvc.Update(user) h.userSrvc.Update(user)
http.SetCookie(w, h.config.CreateCookie(models.AuthCookieKey, encoded, "/")) http.SetCookie(w, h.config.CreateCookie(models.AuthCookieKey, encoded))
http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound) http.Redirect(w, r, fmt.Sprintf("%s/summary", h.config.Server.BasePath), http.StatusFound)
} }
@ -107,7 +107,7 @@ func (h *LoginHandler) PostLogout(w http.ResponseWriter, r *http.Request) {
loadTemplates() loadTemplates()
} }
http.SetCookie(w, h.config.GetClearCookie(models.AuthCookieKey, "/")) http.SetCookie(w, h.config.GetClearCookie(models.AuthCookieKey))
http.Redirect(w, r, fmt.Sprintf("%s/", h.config.Server.BasePath), http.StatusFound) http.Redirect(w, r, fmt.Sprintf("%s/", h.config.Server.BasePath), http.StatusFound)
} }


@ -230,7 +230,7 @@ func (h *SettingsHandler) actionChangePassword(w http.ResponseWriter, r *http.Re
return http.StatusInternalServerError, "", conf.ErrInternalServerError return http.StatusInternalServerError, "", conf.ErrInternalServerError
} }
http.SetCookie(w, h.config.CreateCookie(models.AuthCookieKey, encoded, "/")) http.SetCookie(w, h.config.CreateCookie(models.AuthCookieKey, encoded))
return http.StatusOK, "password was updated successfully", "" return http.StatusOK, "password was updated successfully", ""
} }
@ -565,7 +565,7 @@ func (h *SettingsHandler) actionDeleteUser(w http.ResponseWriter, r *http.Reques
} }
}(user) }(user)
http.SetCookie(w, h.config.GetClearCookie(models.AuthCookieKey, "/")) http.SetCookie(w, h.config.GetClearCookie(models.AuthCookieKey))
http.Redirect(w, r, fmt.Sprintf("%s/?success=%s", h.config.Server.BasePath, "Your account will be deleted in a few minutes. Sorry to you go."), http.StatusFound) http.Redirect(w, r, fmt.Sprintf("%s/?success=%s", h.config.Server.BasePath, "Your account will be deleted in a few minutes. Sorry to you go."), http.StatusFound)
return -1, "", "" return -1, "", ""
} }


@ -1 +1 @@
2.0.1 2.0.2