login/logout fixes (single token for all sessions);
link to reset password in user profile template and some cosmetic fixes in html templatesmaster
parent
f4acf890d8
commit
8921484644
|
@ -111,11 +111,13 @@ func www_login(ctx *WebContext, w http.ResponseWriter, r *http.Request) error {
|
|||
}
|
||||
exp := time.Now().Add(10 * 365 * 24 * time.Hour)
|
||||
u := udb.UserInfoName(user)
|
||||
token := generateSecureToken(16)
|
||||
u.Token = token
|
||||
udb.Tokens[token] = user
|
||||
udb.Names[user] = *u
|
||||
cookie := http.Cookie{Name: "token", Value: token, Expires: exp}
|
||||
if len(u.Token) == 0 {
|
||||
token := generateSecureToken(16)
|
||||
u.Token = token
|
||||
udb.Tokens[token] = user
|
||||
udb.Names[user] = *u
|
||||
}
|
||||
cookie := http.Cookie{Name: "token", Value: u.Token, Expires: exp}
|
||||
http.SetCookie(w, &cookie)
|
||||
ii.Info.Printf("User logged in: %s\n", user)
|
||||
http.Redirect(w, r, ctx.PfxPath+"/", http.StatusSeeOther)
|
||||
|
@ -150,9 +152,12 @@ func www_logout(ctx *WebContext, w http.ResponseWriter, r *http.Request) error {
|
|||
}
|
||||
cookie, err := r.Cookie("token")
|
||||
if err == nil {
|
||||
token := cookie.Value
|
||||
udb := ctx.www.udb
|
||||
if udb.Access(cookie.Value) {
|
||||
delete(ctx.www.udb.Tokens, cookie.Value)
|
||||
if udb.Access(token) {
|
||||
u := udb.UserInfo(token)
|
||||
u.Token = ""
|
||||
delete(ctx.www.udb.Tokens, token)
|
||||
}
|
||||
}
|
||||
rmcookie := http.Cookie{Name: "token", Value: "", Expires: time.Unix(0, 0)}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
<div id="footer">
|
||||
Powered by <a href="https://git.openbsd.org.ru/vasyahacker/openidec">OpenIDEC</a>
|
||||
Powered by <a href="https://git.openbsd.org.ru/vasyahacker/openidec">OpenIDEC</a> /
|
||||
Original by <a href="https://github.com/hugeping/ii-go">ii-go</a> / 2021-2023
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -35,6 +35,7 @@
|
|||
{{ template "links.tpl" }}
|
||||
{{ if .User.Name }}
|
||||
{{ if eq .BasePath "profile" }}
|
||||
<a href="/reset">Reset password</a> |
|
||||
<a href="/logout">Logout</a>
|
||||
{{ else }}
|
||||
<a href="/profile">{{.User.Name}}</a>
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
</td></tr>
|
||||
|
||||
<tr class="even"><td>
|
||||
<input type="password" name="password" class="passwd" placeholder="password"><br>
|
||||
<input type="password" name="password" class="passwd" placeholder="new password"><br>
|
||||
</td></tr>
|
||||
|
||||
<tr class="odd"><td class="links">
|
||||
|
|
Loading…
Reference in New Issue