| author | MHSanaei <ho3ein.sanaei@gmail.com> | 2024-12-16 16:24:59 +0300 |
|---|---|---|
| committer | MHSanaei <ho3ein.sanaei@gmail.com> | 2024-12-16 16:24:59 +0300 |
| commit | b29bd993d4e2f03b7ec6a61761fa7806458365b3 (patch) | |
| tree | 381d41b599b4b156cb08063403e5c3f31fcc2126 /web/controller/index.go | |
| parent | 127eaf69b619a4e0a53485666ad485a499edf333 (diff) | |
fix session
twice set-cookie bug fixed
Diffstat (limited to 'web/controller/index.go')
| -rw-r--r-- | web/controller/index.go | 28 |
1 files changed, 17 insertions, 11 deletions
diff --git a/web/controller/index.go b/web/controller/index.go index c74b6fb1..9af4ed7f 100644 --- a/web/controller/index.go +++ b/web/controller/index.go @@ -9,6 +9,7 @@ import ( "x-ui/web/service" "x-ui/web/session" + "github.com/gin-contrib/sessions" "github.com/gin-gonic/gin" ) @@ -49,8 +50,8 @@ func (a *IndexController) index(c *gin.Context) { func (a *IndexController) login(c *gin.Context) { var form LoginForm - err := c.ShouldBind(&form) - if err != nil { + + if err := c.ShouldBind(&form); err != nil { pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.invalidFormData")) return } 
@@ -68,29 +69,31 @@ func (a *IndexController) login(c *gin.Context) { safeUser := template.HTMLEscapeString(form.Username) safePass := template.HTMLEscapeString(form.Password) safeSecret := template.HTMLEscapeString(form.LoginSecret) + if user == nil { logger.Warningf("wrong username: \"%s\", password: \"%s\", secret: \"%s\", IP: \"%s\"", safeUser, safePass, safeSecret, getRemoteIp(c)) a.tgbot.UserLoginNotify(safeUser, safePass, getRemoteIp(c), timeStr, 0) pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.wrongUsernameOrPassword")) return - } else { - logger.Infof("%s logged in successfully, Ip Address: %s\n", safeUser, getRemoteIp(c)) - a.tgbot.UserLoginNotify(safeUser, ``, getRemoteIp(c), timeStr, 1) } + logger.Infof("%s logged in successfully, Ip Address: %s\n", safeUser, getRemoteIp(c)) + a.tgbot.UserLoginNotify(safeUser, ``, getRemoteIp(c), timeStr, 1) + sessionMaxAge, err := a.settingService.GetSessionMaxAge() if err != nil { logger.Warning("Unable to get session's max age from DB") } - err = session.SetMaxAge(c, sessionMaxAge*60) - if err != nil { - logger.Warning("Unable to set session's max age") + session.SetMaxAge(c, sessionMaxAge*60) + session.SetLoginUser(c, user) + if err := sessions.Default(c).Save(); err != nil { + logger.Warning("Unable to save session: ", err) + return } - err = session.SetLoginUser(c, user) - logger.Infof("%s logged in successfully", user.Username) - jsonMsg(c, I18nWeb(c, "pages.login.toasts.successLogin"), err) + logger.Infof("%s logged in successfully", safeUser) + jsonMsg(c, I18nWeb(c, "pages.login.toasts.successLogin"), nil) } func (a *IndexController) logout(c *gin.Context) { 
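Review bot: When `sessions.Default(c).Save()` fails, the handler logs a warning and returns without writing any response, so the client gets an empty reply even though the earlier `logger.Infof` and the success `UserLoginNotify` call have already reported a successful login. Send a failure reply before the `return`, for example `jsonMsg(c, I18nWeb(c, "pages.login.toasts.successLogin"), err)` as the old code did, and move the success log and notification after the save so the audit trail only records logins that actually received a session. The return values of `session.SetMaxAge` and `session.SetLoginUser` are no longer checked; that is fine only if their signatures changed in this commit, which this file-limited diff does not show. Separately, the failed-login branch kept as context still writes the submitted password and login secret to the log and to the Telegram notification, so a mistyped real password ends up in both; those fields are better dropped or replaced with a fixed marker. login's body starts above this hunk.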
@@ -99,6 +102,9 @@ func (a *IndexController) logout(c *gin.Context) { logger.Infof("%s logged out successfully", user.Username) } session.ClearSession(c) + if err := sessions.Default(c).Save(); err != nil { + logger.Warning("Unable to save session after clearing:", err) + } c.Redirect(http.StatusTemporaryRedirect, c.GetString("base_path")) } |
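Review bot: A failed `Save()` after `session.ClearSession(c)` is only logged, and the redirect then proceeds as if the logout had succeeded; if the session store is cookie-backed (not visible here), the browser would keep its old session cookie and stay authenticated. Consider surfacing the failure to the user or expiring the cookie explicitly on this path, and add a comment such as `// Save must succeed for the cleared session to reach the client` above the check. The warning text is also inconsistent with the one in login (`"Unable to save session: "` there, no space after the colon here). logout's body starts above this hunk.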
