diff options
| -rw-r--r-- | web/assets/js/util/index.js | 19 | ||||
| -rw-r--r-- | web/controller/index.go | 6 | ||||
| -rw-r--r-- | web/session/session.go | 12 | ||||
| -rw-r--r-- | web/web.go | 15 |
4 files changed, 19 insertions, 33 deletions
diff --git a/web/assets/js/util/index.js b/web/assets/js/util/index.js index e69f3341..cc7b9287 100644 --- a/web/assets/js/util/index.js +++ b/web/assets/js/util/index.js @@ -651,10 +651,13 @@ class CookieManager { } static setCookie(cname, cvalue, exdays) { - const d = new Date(); - d.setTime(d.getTime() + exdays * 24 * 60 * 60 * 1000); - let expires = 'expires=' + d.toUTCString(); - document.cookie = cname + '=' + encodeURIComponent(cvalue) + ';' + expires + ';path=/'; + let expires = ''; + if (exdays) { + const d = new Date(); + d.setTime(d.getTime() + exdays * 24 * 60 * 60 * 1000); + expires = 'expires=' + d.toUTCString() + ';'; + } + document.cookie = cname + '=' + encodeURIComponent(cvalue) + ';' + expires + 'path=/'; } } @@ -813,13 +816,13 @@ class LanguageManager { }); if (LanguageManager.isSupportLanguage(lang)) { - CookieManager.setCookie("lang", lang, 150); + CookieManager.setCookie("lang", lang); } else { - CookieManager.setCookie("lang", "en-US", 150); + CookieManager.setCookie("lang", "en-US"); window.location.reload(); } } else { - CookieManager.setCookie("lang", "en-US", 150); + CookieManager.setCookie("lang", "en-US"); window.location.reload(); } } @@ -832,7 +835,7 @@ class LanguageManager { language = "en-US"; } - CookieManager.setCookie("lang", language, 150); + CookieManager.setCookie("lang", language); window.location.reload(); } diff --git a/web/controller/index.go b/web/controller/index.go index dd58e5e5..1325bed5 100644 --- a/web/controller/index.go +++ b/web/controller/index.go @@ -95,12 +95,6 @@ func (a *IndexController) login(c *gin.Context) { logger.Infof("%s logged in successfully, Ip Address: %s\n", safeUser, getRemoteIp(c)) a.tgbot.UserLoginNotify(safeUser, ``, getRemoteIp(c), timeStr, 1) - sessionMaxAge, err := a.settingService.GetSessionMaxAge() - if err != nil { - logger.Warning("Unable to get session's max age from DB") - } - - session.SetMaxAge(c, sessionMaxAge*60) session.SetLoginUser(c, user) if err := sessions.Default(c).Save(); err != nil { logger.Warning("Unable to save session: ", err) diff --git a/web/session/session.go b/web/session/session.go index 63da426b..95b85227 100644 --- a/web/session/session.go +++ b/web/session/session.go @@ -31,18 +31,6 @@ func SetLoginUser(c *gin.Context, user *model.User) { s.Set(loginUserKey, *user) } -// SetMaxAge configures the session cookie maximum age in seconds. -// This controls how long the session remains valid before requiring re-authentication. -func SetMaxAge(c *gin.Context, maxAge int) { - s := sessions.Default(c) - s.Options(sessions.Options{ - Path: defaultPath, - MaxAge: maxAge, - HttpOnly: true, - SameSite: http.SameSiteLaxMode, - }) -} - // GetLoginUser retrieves the authenticated user from the session. // Returns nil if no user is logged in or if the session data is invalid. func GetLoginUser(c *gin.Context) *model.User { @@ -207,14 +207,15 @@ func (s *Server) initRouter() (*gin.Engine, error) { store := cookie.NewStore(secret) // Configure default session cookie options, including expiration (MaxAge) - if sessionMaxAge, err := s.settingService.GetSessionMaxAge(); err == nil { - store.Options(sessions.Options{ - Path: "/", - MaxAge: sessionMaxAge * 60, // minutes -> seconds - HttpOnly: true, - SameSite: http.SameSiteLaxMode, - }) + sessionOptions := sessions.Options{ + Path: basePath, + HttpOnly: true, + SameSite: http.SameSiteLaxMode, } + if sessionMaxAge, err := s.settingService.GetSessionMaxAge(); err == nil && sessionMaxAge > 0 { + sessionOptions.MaxAge = sessionMaxAge * 60 // minutes -> seconds + } + store.Options(sessionOptions) engine.Use(sessions.Sessions("3x-ui", store)) engine.Use(func(c *gin.Context) { c.Set("base_path", basePath) |