Skip to content

Commit

Permalink
fix: fix the bug that authentication always fails after token change (#…
Browse files Browse the repository at this point in the history 
…59)
  • Loading branch information
@Li4n0
Li4n0 committed Sep 13, 2022
1 parent fe31622 commit 3fa2cae
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 7 deletions.
2 changes: 1 addition & 1 deletion pkg/server/controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ import (

func (revsuit *Revsuit) auth(c *gin.Context) {
c.SetSameSite(http.SameSiteLaxMode)
c.SetCookie("token", c.Request.Header["Token"][0], 0, revsuit.config.AdminPathPrefix, "", false, true)
c.SetCookie("token", c.Request.Header.Get("Token"), 0, revsuit.config.AdminPathPrefix, "", false, true)
c.String(200, "pong")
}

Expand Down
11 changes: 5 additions & 6 deletions pkg/server/router.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,13 +32,12 @@ func (revsuit *Revsuit) registerPlatformRouter() {
// /api need Authorization
api := revsuit.http.Router.Group(revsuit.config.AdminPathPrefix + "/api")
api.Use(func(c *gin.Context) {
token, err := c.Cookie("token")
if err == http.ErrNoCookie {
token = c.Request.Header.Get("Token")
}
token, _ := c.Cookie("token")
if token != revsuit.http.Token {
c.Abort()
c.Status(403)
if c.Request.Header.Get("Token") != revsuit.http.Token {
c.Abort()
c.Status(403)
}
}
})
revsuit.http.ApiGroup = api
Expand Down

0 comments on commit 3fa2cae

Please sign in to comment.