From 1169648162c4b9b48e0b4aa508f9dea4d6bc50d5 Mon Sep 17 00:00:00 2001
From: ssongliu <73214554+ssongliu@users.noreply.github.com>
Date: Sun, 4 Feb 2024 22:46:33 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E9=9D=A2=E6=9D=BF=E5=BC=80=E5=90=AF=20?= =?UTF-8?q?https=20=E6=97=B6=EF=BC=8Ccookie=20=E5=BC=80=E5=90=AF=20secure?= =?UTF-8?q?=20=E5=B1=9E=E6=80=A7=20(#3817)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/app/service/auth.go | 12 ++++++++++--
 backend/app/service/setting.go | 6 ++++++
 2 files changed, 16 insertions(+), 2 deletions(-)
diff --git a/backend/app/service/auth.go b/backend/app/service/auth.go
index 017055c4a..ff5635441 100644
--- a/backend/app/service/auth.go
+++ b/backend/app/service/auth.go
@@ -109,6 +109,10 @@ func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (
 if err != nil {
 return nil, err
 }
+ httpsSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))
+ if err != nil {
+ return nil, err
+ }
 lifeTime, err := strconv.Atoi(setting.Value)
 if err != nil {
 return nil, err
@@ -129,7 +133,7 @@ func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (
 sessionUser, err := global.SESSION.Get(sID)
 if err != nil {
 sID = uuid.New().String()
- c.SetCookie(constant.SessionName, sID, 0, "", "", false, false)
+ c.SetCookie(constant.SessionName, sID, 0, "", "", httpsSetting.Value == "enable", false)
 err := global.SESSION.Set(sID, sessionUser, lifeTime)
 if err != nil {
 return nil, err
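Review bot: The session cookie in generateSession is still written with the last SetCookie argument (`httpOnly`) set to `false`, so the new Secure flag protects it in transit while page scripts can still read it. Unless the frontend needs to read the value, which is not visible here, pass `true`: `c.SetCookie(constant.SessionName, sID, 0, "", "", httpsSetting.Value == "enable", true)`. The same applies to the SetCookie calls in LogOut and in both UpdateSSL hunks of setting.go. No SameSite attribute is set in the visible lines either; if it is not configured elsewhere, a `c.SetSameSite(http.SameSiteLaxMode)` call before SetCookie would cover it. The body of generateSession starts and ends outside this hunk.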
@@ -144,9 +148,13 @@ func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (
 }

 func (u *AuthService) LogOut(c *gin.Context) error {
+ httpsSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))
+ if err != nil {
+ return err
+ }
 sID, _ := c.Cookie(constant.SessionName)
 if sID != "" {
- c.SetCookie(constant.SessionName, sID, -1, "", "", false, false)
+ c.SetCookie(constant.SessionName, sID, -1, "", "", httpsSetting.Value == "enable", false)
 err := global.SESSION.Delete(sID)
 if err != nil {
 return err
diff --git a/backend/app/service/setting.go b/backend/app/service/setting.go
index 1be472be8..8077ae9f7 100644
--- a/backend/app/service/setting.go
+++ b/backend/app/service/setting.go
@@ -198,6 +198,9 @@ func (u *SettingService) UpdateSSL(c *gin.Context, req dto.SSLUpdate) error {
 }
 _ = os.Remove(path.Join(secretDir, "server.crt"))
 _ = os.Remove(path.Join(secretDir, "server.key"))
+ sID, _ := c.Cookie(constant.SessionName)
+ c.SetCookie(constant.SessionName, sID, 0, "", "", false, false)
+
 go func() {
 _, err := cmd.Exec("systemctl restart 1panel.service")
 if err != nil {
@@ -289,6 +292,9 @@ func (u *SettingService) UpdateSSL(c *gin.Context, req dto.SSLUpdate) error {
 if err := settingRepo.Update("SSL", req.SSL); err != nil {
 return err
 }
+
+ sID, _ := c.Cookie(constant.SessionName)
+ c.SetCookie(constant.SessionName, sID, 0, "", "", true, false)
 go func() {
 time.Sleep(1 * time.Second)
 _, err := cmd.Exec("systemctl restart 1panel.service")
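Review bot: In LogOut, the new early `return err` when the SSL setting cannot be read skips both the cookie expiry and `global.SESSION.Delete(sID)`, so a settings-store error leaves the server-side session valid after the user asked to log out. Logout should not depend on that lookup: drop the early return, derive the flag as `secure := err == nil && httpsSetting.Value == "enable"`, and pass `secure` to SetCookie. The end of LogOut is outside the hunk.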
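Review bot: In the first UpdateSSL hunk of setting.go (apparently the branch that turns SSL off, since it removes server.crt and server.key), `sID, _ := c.Cookie(constant.SessionName)` discards the lookup error and SetCookie then runs unconditionally, so a request that carries no session cookie gets one written with an empty value. LogOut guards the same call with `if sID != ""`; doing the same here keeps the two paths consistent: `if sID != "" { c.SetCookie(constant.SessionName, sID, 0, "", "", false, false) }`. The same guard applies to the second UpdateSSL hunk. This branch also re-issues, for use over plain HTTP, a session ID that may until now have been sent only over HTTPS; issuing a fresh ID on the protocol change would avoid exposing the old one, though whether the session store supports that is not visible here.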
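Review bot: The Secure cookie written after `settingRepo.Update("SSL", req.SSL)` in the second UpdateSSL hunk goes out in the response to the current request, and if that request arrived over plain HTTP (the service restart that follows suggests HTTPS only starts afterwards), current browsers discard a Set-Cookie that carries Secure from an insecure origin. In that case the existing non-Secure cookie stays in use until the next login, so the upgrade would not take effect. Consider requiring a fresh login after the restart so generateSession issues the cookie over HTTPS, and add a comment stating which case this call covers, e.g. `// re-issue session cookie with Secure; only honoured when this request is already HTTPS`.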