1f349/lavender
1
0
Fork 0
mirror of https://github.com/1f349/lavender.git synced 2024-09-16 16:46:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix incorrect cookie names

Browse Source
This commit is contained in:
Melon 2024-02-21 09:16:38 +00:00
parent 7fa4c70b01
commit 947c29bfca
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/home.go
View File

@ -13,7 +13,7 @@ func (h *HttpServer) Home(rw http.ResponseWriter, _ *http.Request, _ httprouter.
rw.Header().Set("Content-Type", "text/html")
lNonce := uuid.NewString()
http.SetCookie(rw, &http.Cookie{
Name: "tulip-nonce",
Name: "lavender-nonce",
Value: lNonce,
Path: "/",
Expires: time.Now().Add(10 * time.Minute),

4
server/server.go
View File

@ -123,14 +123,14 @@ func NewHttpServer(conf Conf, db *database.DB, signingKey mjwt.Signer) *http.Ser
r.POST("/login", hs.OptionalAuthentication(hs.loginPost))
r.GET("/callback", hs.OptionalAuthentication(hs.loginCallback))
r.POST("/logout", hs.RequireAuthentication(func(rw http.ResponseWriter, req *http.Request, params httprouter.Params, auth UserAuth) {
cookie, err := req.Cookie("tulip-nonce")
cookie, err := req.Cookie("lavender-nonce")
if err != nil {
http.Error(rw, "Missing nonce", http.StatusBadRequest)
return
}
if subtle.ConstantTimeCompare([]byte(cookie.Value), []byte(req.PostFormValue("nonce"))) == 1 {
http.SetCookie(rw, &http.Cookie{
Name: "tulip-login-data",
Name: "lavender-login-data",
Path: "/",
MaxAge: -1,
Secure: true,