mirror of
https://github.com/hrfee/jfa-go.git
synced 2024-12-22 17:10:10 +00:00
userpage: store refresh token separately
stored as "user-refresh" fixes weird issues when two accounts are logged in.
This commit is contained in:
parent
5beeeb958b
commit
75dc9d4d1d
@ -94,7 +94,7 @@ func (app *appContext) SetMyContactMethods(gc *gin.Context) {
|
|||||||
// @Security Bearer
|
// @Security Bearer
|
||||||
// @tags User Page
|
// @tags User Page
|
||||||
func (app *appContext) LogoutUser(gc *gin.Context) {
|
func (app *appContext) LogoutUser(gc *gin.Context) {
|
||||||
cookie, err := gc.Cookie("refresh")
|
cookie, err := gc.Cookie("user-refresh")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
app.debug.Printf("Couldn't get cookies: %s", err)
|
app.debug.Printf("Couldn't get cookies: %s", err)
|
||||||
respond(500, "Couldn't fetch cookies", gc)
|
respond(500, "Couldn't fetch cookies", gc)
|
||||||
|
6
auth.go
6
auth.go
@ -237,9 +237,9 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
|
|||||||
gc.JSON(200, getTokenDTO{token})
|
gc.JSON(200, getTokenDTO{token})
|
||||||
}
|
}
|
||||||
|
|
||||||
func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context) (claims jwt.MapClaims, ok bool) {
|
func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context, cookieName string) (claims jwt.MapClaims, ok bool) {
|
||||||
ok = false
|
ok = false
|
||||||
cookie, err := gc.Cookie("refresh")
|
cookie, err := gc.Cookie(cookieName)
|
||||||
if err != nil || cookie == "" {
|
if err != nil || cookie == "" {
|
||||||
app.debug.Printf("getTokenRefresh denied: Couldn't get token: %s", err)
|
app.debug.Printf("getTokenRefresh denied: Couldn't get token: %s", err)
|
||||||
respond(400, "Couldn't get token", gc)
|
respond(400, "Couldn't get token", gc)
|
||||||
@ -285,7 +285,7 @@ func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context) (claims jwt.
|
|||||||
// @tags Auth
|
// @tags Auth
|
||||||
func (app *appContext) getTokenRefresh(gc *gin.Context) {
|
func (app *appContext) getTokenRefresh(gc *gin.Context) {
|
||||||
app.debug.Println("Token requested (refresh token)")
|
app.debug.Println("Token requested (refresh token)")
|
||||||
claims, ok := app.decodeValidateRefreshCookie(gc)
|
claims, ok := app.decodeValidateRefreshCookie(gc, "refresh")
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -60,7 +60,7 @@ func (app *appContext) getUserTokenLogin(gc *gin.Context) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
app.debug.Printf("Token generated for non-admin user \"%s\"", username)
|
app.debug.Printf("Token generated for non-admin user \"%s\"", username)
|
||||||
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true)
|
gc.SetCookie("user-refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true)
|
||||||
gc.JSON(200, getTokenDTO{token})
|
gc.JSON(200, getTokenDTO{token})
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -79,7 +79,7 @@ func (app *appContext) getUserTokenRefresh(gc *gin.Context) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
app.info.Println("UserToken request (refresh token)")
|
app.info.Println("UserToken request (refresh token)")
|
||||||
claims, ok := app.decodeValidateRefreshCookie(gc)
|
claims, ok := app.decodeValidateRefreshCookie(gc, "user-refresh")
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -93,6 +93,6 @@ func (app *appContext) getUserTokenRefresh(gc *gin.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true)
|
gc.SetCookie("user-refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true)
|
||||||
gc.JSON(200, getTokenDTO{jwt})
|
gc.JSON(200, getTokenDTO{jwt})
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user