We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Environments linux amd 64、windows amd 64
RevSuit Version 0.5.0
Describe the bug A clear and concise description of what the bug is. 通过内置面板修改密码后,Token头和Cookie头不统一,导致无法登录 (token更新了、但cookie未更新、且路由中先获取的是cookie中的token)
To Reproduce
不优美的修复方案 修改\pkg\server\router.go文件的30行,分别获取token值 func (revsuit *Revsuit) registerPlatformRouter() { // /api need Authorization api := revsuit.http.Router.Group(revsuit.config.AdminPathPrefix + "/api") api.Use(func(c *gin.Context) { tokenCookie, _ := c.Cookie("token") tokenToken := c.Request.Header.Get("Token") if tokenToken != revsuit.http.Token && tokenCookie != revsuit.http.Token { c.Abort() c.Status(403) } }) revsuit.http.ApiGroup = api .....
The text was updated successfully, but these errors were encountered:
fix: fix the bug that authentication always fails after token change
7dced76
fix #57,#55
感谢反馈,问题已在 v0.5.1 版本修复,v0.5.0 版本可使用 ./revsuit upgrade 命令自动更新。如发现问题仍然存在,可在本 issue 中继续反馈。祝好。
v0.5.0
./revsuit upgrade
Sorry, something went wrong.
cool
No branches or pull requests
Environments
linux amd 64、windows amd 64
RevSuit Version
0.5.0
Describe the bug
A clear and concise description of what the bug is.
通过内置面板修改密码后,Token头和Cookie头不统一,导致无法登录
(token更新了、但cookie未更新、且路由中先获取的是cookie中的token)
To Reproduce
不优美的修复方案
修改\pkg\server\router.go文件的30行,分别获取token值
func (revsuit *Revsuit) registerPlatformRouter() {
// /api need Authorization
api := revsuit.http.Router.Group(revsuit.config.AdminPathPrefix + "/api")
api.Use(func(c *gin.Context) {
tokenCookie, _ := c.Cookie("token")
tokenToken := c.Request.Header.Get("Token")
if tokenToken != revsuit.http.Token && tokenCookie != revsuit.http.Token {
c.Abort()
c.Status(403)
}
})
revsuit.http.ApiGroup = api
.....
The text was updated successfully, but these errors were encountered: