fix session

web/assets/js/model/setting.js

@@ -7,7 +7,7 @@ class AllSetting {
         this.webCertFile = "";
         this.webKeyFile = "";
         this.webBasePath = "/";
-        this.sessionMaxAge = "";
+        this.sessionMaxAge = 0;
         this.pageSize = 50;
         this.expireDiff = "";
         this.trafficDiff = "";

web/assets/js/util/utils.js

@@ -16,6 +16,9 @@ class HttpUtil {
     }
 
     static _respToMsg(resp) {
+        if (!resp || !resp.data) {
+            return new Msg(false, 'No response data');
+        }
         const { data } = resp;
         if (data == null) {
             return new Msg(true);
@@ -34,7 +37,7 @@ class HttpUtil {
             return msg;
         } catch (error) {
             console.error('GET request failed:', error);
-            const errorMsg = new Msg(false, error.response?.data?.message || error.message);
+            const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
             this._handleMsg(errorMsg);
             return errorMsg;
         }
@@ -48,7 +51,7 @@ class HttpUtil {
             return msg;
         } catch (error) {
             console.error('POST request failed:', error);
-            const errorMsg = new Msg(false, error.response?.data?.message || error.message);
+            const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
             this._handleMsg(errorMsg);
             return errorMsg;
         }

web/controller/index.go

@@ -83,12 +83,14 @@ func (a *IndexController) login(c *gin.Context) {
 		logger.Warning("Unable to get session's max age from DB")
 	}
 
-	if sessionMaxAge > 0 {
+	if sessionMaxAge <= 0 {
+		sessionMaxAge = 60
+	}
+
 	err = session.SetMaxAge(c, sessionMaxAge*60)
 	if err != nil {
 		logger.Warning("Unable to set session's max age")
 	}
-	}
 
 	err = session.SetLoginUser(c, user)
 	logger.Infof("%s logged in successfully", user.Username)

web/session/session.go

@@ -9,7 +9,10 @@ import (
 	"github.com/gin-gonic/gin"
 )
 
-const loginUser = "LOGIN_USER"
+const (
+	loginUser   = "LOGIN_USER"
+	defaultPath = "/"
+)
 
 func init() {
 	gob.Register(model.User{})
@@ -17,10 +20,6 @@ func init() {
 
 func SetLoginUser(c *gin.Context, user *model.User) error {
 	s := sessions.Default(c)
-	s.Options(sessions.Options{
-		Path:     "/",
-		HttpOnly: true,
-	})
 	s.Set(loginUser, user)
 	return s.Save()
 }
@@ -28,20 +27,24 @@ func SetLoginUser(c *gin.Context, user *model.User) error {
 func SetMaxAge(c *gin.Context, maxAge int) error {
 	s := sessions.Default(c)
 	s.Options(sessions.Options{
-		Path:   "/",
+		Path:     defaultPath,
 		MaxAge:   maxAge,
+		HttpOnly: true,
 	})
 	return s.Save()
 }
 
 func GetLoginUser(c *gin.Context) *model.User {
 	s := sessions.Default(c)
-	if obj := s.Get(loginUser); obj != nil {
+	obj := s.Get(loginUser)
-		if user, ok := obj.(model.User); ok {
+	if obj == nil {
-			return &user
-		}
-	}
 		return nil
+	}
+	user, ok := obj.(model.User)
+	if !ok {
+		return nil
+	}
+	return &user
 }
 
 func IsLogin(c *gin.Context) bool {
@@ -52,12 +55,9 @@ func ClearSession(c *gin.Context) error {
 	s := sessions.Default(c)
 	s.Clear()
 	s.Options(sessions.Options{
-		Path:   "/",
+		Path:     defaultPath,
 		MaxAge:   -1,
+		HttpOnly: true,
 	})
-	if err := s.Save(); err != nil {
+	return s.Save()
-		return err
-	}
-	c.SetCookie("3x-ui", "", -1, "/", "", false, true)
-	return nil
 }