feat: 面板开启 https 时，cookie 开启 secure 属性 (#3817)

1Panel-dev · Feb 4, 2024 · 1169648 · 1169648
1 parent c169f21
commit 1169648
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 2 deletions.
diff --git a/backend/app/service/auth.go b/backend/app/service/auth.go
@@ -109,6 +109,10 @@ func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (
 	if err != nil {
 		return nil, err
 	}
+	httpsSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))
+	if err != nil {
+		return nil, err
+	}
 	lifeTime, err := strconv.Atoi(setting.Value)
 	if err != nil {
 		return nil, err
@@ -129,7 +133,7 @@ func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (
 	sessionUser, err := global.SESSION.Get(sID)
 	if err != nil {
 		sID = uuid.New().String()
-		c.SetCookie(constant.SessionName, sID, 0, "", "", false, false)
+		c.SetCookie(constant.SessionName, sID, 0, "", "", httpsSetting.Value == "enable", false)
 		err := global.SESSION.Set(sID, sessionUser, lifeTime)
 		if err != nil {
 			return nil, err
@@ -144,9 +148,13 @@ func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (
 }
 
 func (u *AuthService) LogOut(c *gin.Context) error {
+	httpsSetting, err := settingRepo.Get(settingRepo.WithByKey("SSL"))
+	if err != nil {
+		return err
+	}
 	sID, _ := c.Cookie(constant.SessionName)
 	if sID != "" {
-		c.SetCookie(constant.SessionName, sID, -1, "", "", false, false)
+		c.SetCookie(constant.SessionName, sID, -1, "", "", httpsSetting.Value == "enable", false)
 		err := global.SESSION.Delete(sID)
 		if err != nil {
 			return err

diff --git a/backend/app/service/setting.go b/backend/app/service/setting.go
@@ -198,6 +198,9 @@ func (u *SettingService) UpdateSSL(c *gin.Context, req dto.SSLUpdate) error {
 		}
 		_ = os.Remove(path.Join(secretDir, "server.crt"))
 		_ = os.Remove(path.Join(secretDir, "server.key"))
+		sID, _ := c.Cookie(constant.SessionName)
+		c.SetCookie(constant.SessionName, sID, 0, "", "", false, false)
+
 		go func() {
 			_, err := cmd.Exec("systemctl restart 1panel.service")
 			if err != nil {
@@ -289,6 +292,9 @@ func (u *SettingService) UpdateSSL(c *gin.Context, req dto.SSLUpdate) error {
 	if err := settingRepo.Update("SSL", req.SSL); err != nil {
 		return err
 	}
+
+	sID, _ := c.Cookie(constant.SessionName)
+	c.SetCookie(constant.SessionName, sID, 0, "", "", true, false)
 	go func() {
 		time.Sleep(1 * time.Second)
 		_, err := cmd.Exec("systemctl restart 1panel.service")