From 3e3ed4ed5208324b20cbfc4b3b50bbe5a8a0d7f1 Mon Sep 17 00:00:00 2001
From: mhsanaei
Date: Tue, 6 Aug 2024 13:44:48 +0200
Subject: [PATCH] fix session
---
 web/assets/js/model/setting.js | 2 +-
 web/assets/js/util/utils.js | 7 +++++--
 web/controller/index.go | 12 +++++++-----
 web/session/session.go | 38 +++++++++++++++++++-------------------
 4 files changed, 32 insertions(+), 27 deletions(-)
diff --git a/web/assets/js/model/setting.js b/web/assets/js/model/setting.js
index 4035ca6e..cd46ab34 100644
--- a/web/assets/js/model/setting.js
+++ b/web/assets/js/model/setting.js
@@ -7,7 +7,7 @@ class AllSetting {
 this.webCertFile = "";
 this.webKeyFile = "";
 this.webBasePath = "/";
- this.sessionMaxAge = "";
+ this.sessionMaxAge = 0;
 this.pageSize = 50;
 this.expireDiff = "";
 this.trafficDiff = "";
diff --git a/web/assets/js/util/utils.js b/web/assets/js/util/utils.js
index 50ae4636..d174bac1 100644
--- a/web/assets/js/util/utils.js
+++ b/web/assets/js/util/utils.js
@@ -16,6 +16,9 @@ class HttpUtil {
 }
 static _respToMsg(resp) {
+ if (!resp || !resp.data) {
+ return new Msg(false, 'No response data');
+ }
 const { data } = resp;
 if (data == null) {
 return new Msg(true);
@@ -34,7 +37,7 @@ class HttpUtil {
 return msg;
 } catch (error) {
 console.error('GET request failed:', error);
- const errorMsg = new Msg(false, error.response?.data?.message || error.message);
+ const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
 this._handleMsg(errorMsg);
 return errorMsg;
 }
@@ -48,7 +51,7 @@ class HttpUtil {
 return msg;
 } catch (error) {
 console.error('POST request failed:', error);
- const errorMsg = new Msg(false, error.response?.data?.message || error.message);
+ const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
 this._handleMsg(errorMsg);
 return errorMsg;
 }
diff --git a/web/controller/index.go b/web/controller/index.go
index 35c10c65..24d8194e 100644
--- a/web/controller/index.go
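Review bot: The guard added at the top of `_respToMsg` returns a failure `Msg` whenever `resp.data` is falsy, which makes the existing `if (data == null) { return new Msg(true);` branch just below it unreachable. A response with no body was previously reported as success and now surfaces as a 'No response data' error, and `!resp.data` is also true for `''`, `0` and `false`. If only a missing response object should fail, narrow the check to `if (!resp) { return new Msg(false, 'No response data'); }` and leave the null-data case to the existing branch. The body of `_respToMsg` continues past the end of the hunk.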
+++ b/web/controller/index.go
@@ -83,11 +83,13 @@ func (a *IndexController) login(c *gin.Context) {
 logger.Warning("Unable to get session's max age from DB")
 }
- if sessionMaxAge > 0 {
- err = session.SetMaxAge(c, sessionMaxAge*60)
- if err != nil {
- logger.Warning("Unable to set session's max age")
- }
+ if sessionMaxAge <= 0 {
+ sessionMaxAge = 60
+ }
+
+ err = session.SetMaxAge(c, sessionMaxAge*60)
+ if err != nil {
+ logger.Warning("Unable to set session's max age")
 }
 err = session.SetLoginUser(c, user)
diff --git a/web/session/session.go b/web/session/session.go
index d80f87e9..f5055efd 100644
--- a/web/session/session.go
+++ b/web/session/session.go
@@ -9,7 +9,10 @@ import (
 "github.com/gin-gonic/gin"
 )
-const loginUser = "LOGIN_USER"
+const (
+ loginUser = "LOGIN_USER"
+ defaultPath = "/"
+)
 func init() {
 gob.Register(model.User{})
@@ -17,10 +20,6 @@ func init() {
 func SetLoginUser(c *gin.Context, user *model.User) error {
 s := sessions.Default(c)
- s.Options(sessions.Options{
- Path: "/",
- HttpOnly: true,
- })
 s.Set(loginUser, user)
 return s.Save()
 }
@@ -28,20 +27,24 @@ func SetLoginUser(c *gin.Context, user *model.User) error {
 func SetMaxAge(c *gin.Context, maxAge int) error {
 s := sessions.Default(c)
 s.Options(sessions.Options{
- Path: "/",
- MaxAge: maxAge,
+ Path: defaultPath,
+ MaxAge: maxAge,
+ HttpOnly: true,
 })
 return s.Save()
 }
 func GetLoginUser(c *gin.Context) *model.User {
 s := sessions.Default(c)
- if obj := s.Get(loginUser); obj != nil {
- if user, ok := obj.(model.User); ok {
- return &user
- }
+ obj := s.Get(loginUser)
+ if obj == nil {
+ return nil
 }
- return nil
+ user, ok := obj.(model.User)
+ if !ok {
+ return nil
+ }
+ return &user
 }
 func IsLogin(c *gin.Context) bool {
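Review bot: The fallback `sessionMaxAge = 60` in `login` puts a bare `60` (minutes) right next to the `sessionMaxAge*60` minutes-to-seconds conversion, so the two meanings are easy to confuse. A named constant such as `const defaultSessionMaxAgeMinutes = 60` with a short comment would make the default explicit. The fallback also changes what a stored value of 0 means: before this commit a non-positive setting skipped `SetMaxAge`, now it yields a 60-minute session, and the same default presumably applies when the DB read above fails (assuming `sessionMaxAge` is left at zero there). Bounding the session lifetime is a sensible default, but it deserves a comment here and a matching hint in the settings UI. The `login` handler begins and ends outside the hunk.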
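Review bot: `SetLoginUser` no longer sets any cookie options, so `Path` and `HttpOnly` on the login cookie now depend on the caller having invoked `SetMaxAge` on the same request first. The `login` handler in this patch does that, but any other caller would get the session store's default options, which this diff does not show. Either keep the options in `SetLoginUser` or document the ordering requirement, e.g. `// SetLoginUser stores the user in the session; call SetMaxAge first so Path, MaxAge and HttpOnly are applied.`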
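Review bot: The `sessions.Options` literal in `SetMaxAge` sets `HttpOnly` but neither `SameSite` nor `Secure`, so cross-site sending of the panel's authentication cookie is left to browser defaults and the cookie is not restricted to HTTPS when the panel is served over TLS. Consider adding `SameSite: http.SameSiteLaxMode` (needs the `net/http` import) and setting `Secure` when the request arrived over TLS. The same literal is repeated in the `ClearSession` hunk (`@@ -52,12 +55,9 @@`). A small helper that builds the options from `maxAge` would keep the two in sync, which matters because the deletion cookie has to carry the same `Path` as the one issued at login.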
@@ -52,12 +55,9 @@ func ClearSession(c *gin.Context) error {
 s := sessions.Default(c)
 s.Clear()
 s.Options(sessions.Options{
- Path: "/",
- MaxAge: -1,
+ Path: defaultPath,
+ MaxAge: -1,
+ HttpOnly: true,
 })
- if err := s.Save(); err != nil {
- return err
- }
- c.SetCookie("3x-ui", "", -1, "/", "", false, true)
- return nil
+ return s.Save()
 }
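Review bot: `ClearSession` now relies solely on `s.Save()` with `MaxAge: -1` to remove the cookie, since the explicit `c.SetCookie("3x-ui", ...)` deletion is gone, and nothing in the function says so. A doc comment would record the intent: `// ClearSession empties the session and saves it with MaxAge -1 so the browser drops the cookie.` If the session store is cookie-backed (not visible in this diff), logout only removes the browser's copy and a previously copied cookie value stays usable until it expires. That is worth confirming and stating in the comment.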