mirror of
https://github.com/1f349/lavender.git
synced 2024-12-22 07:34:06 +00:00
Fix incorrect cookie names
This commit is contained in:
parent
7fa4c70b01
commit
947c29bfca
@ -13,7 +13,7 @@ func (h *HttpServer) Home(rw http.ResponseWriter, _ *http.Request, _ httprouter.
|
||||
rw.Header().Set("Content-Type", "text/html")
|
||||
lNonce := uuid.NewString()
|
||||
http.SetCookie(rw, &http.Cookie{
|
||||
Name: "tulip-nonce",
|
||||
Name: "lavender-nonce",
|
||||
Value: lNonce,
|
||||
Path: "/",
|
||||
Expires: time.Now().Add(10 * time.Minute),
|
||||
|
@ -123,14 +123,14 @@ func NewHttpServer(conf Conf, db *database.DB, signingKey mjwt.Signer) *http.Ser
|
||||
r.POST("/login", hs.OptionalAuthentication(hs.loginPost))
|
||||
r.GET("/callback", hs.OptionalAuthentication(hs.loginCallback))
|
||||
r.POST("/logout", hs.RequireAuthentication(func(rw http.ResponseWriter, req *http.Request, params httprouter.Params, auth UserAuth) {
|
||||
cookie, err := req.Cookie("tulip-nonce")
|
||||
cookie, err := req.Cookie("lavender-nonce")
|
||||
if err != nil {
|
||||
http.Error(rw, "Missing nonce", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
if subtle.ConstantTimeCompare([]byte(cookie.Value), []byte(req.PostFormValue("nonce"))) == 1 {
|
||||
http.SetCookie(rw, &http.Cookie{
|
||||
Name: "tulip-login-data",
|
||||
Name: "lavender-login-data",
|
||||
Path: "/",
|
||||
MaxAge: -1,
|
||||
Secure: true,
|
||||
|
Loading…
Reference in New Issue
Block a user