fix session

2025-05-13 11:48:06 +00:00 · 2024-08-06 13:44:48 +02:00 · 2024-08-06 13:44:48 +02:00 · 3e3ed4ed52
commit 3e3ed4ed52
parent d8d9c64847
4 changed files with 32 additions and 27 deletions
--- a/web/assets/js/model/setting.js
+++ b/web/assets/js/model/setting.js
@ -7,7 +7,7 @@ class AllSetting {
        this.webCertFile = "";
        this.webKeyFile = "";
        this.webBasePath = "/";
-        this.sessionMaxAge = "";
+        this.sessionMaxAge = 0;
        this.pageSize = 50;
        this.expireDiff = "";
        this.trafficDiff = "";
--- a/web/assets/js/util/utils.js
+++ b/web/assets/js/util/utils.js
@ -16,6 +16,9 @@ class HttpUtil {
    }

    static _respToMsg(resp) {
+        if (!resp || !resp.data) {
+            return new Msg(false, 'No response data');
+        }
        const { data } = resp;
        if (data == null) {
            return new Msg(true);
@ -34,7 +37,7 @@ class HttpUtil {
            return msg;
        } catch (error) {
            console.error('GET request failed:', error);
-            const errorMsg = new Msg(false, error.response?.data?.message || error.message);
+            const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
            this._handleMsg(errorMsg);
            return errorMsg;
        }
@ -48,7 +51,7 @@ class HttpUtil {
            return msg;
        } catch (error) {
            console.error('POST request failed:', error);
-            const errorMsg = new Msg(false, error.response?.data?.message || error.message);
+            const errorMsg = new Msg(false, error.response?.data?.message || error.message || 'Request failed');
            this._handleMsg(errorMsg);
            return errorMsg;
        }
--- a/web/controller/index.go
+++ b/web/controller/index.go
@ -83,12 +83,14 @@ func (a *IndexController) login(c *gin.Context) {
 		logger.Warning("Unable to get session's max age from DB")
 	}

-	if sessionMaxAge > 0 {
+	if sessionMaxAge <= 0 {
+		sessionMaxAge = 60
+	}
+
 	err = session.SetMaxAge(c, sessionMaxAge*60)
 	if err != nil {
 		logger.Warning("Unable to set session's max age")
 	}
-	}

 	err = session.SetLoginUser(c, user)
 	logger.Infof("%s logged in successfully", user.Username)
--- a/web/session/session.go
+++ b/web/session/session.go
@ -9,7 +9,10 @@ import (
 	"github.com/gin-gonic/gin"
 )

-const loginUser = "LOGIN_USER"
+const (
+	loginUser   = "LOGIN_USER"
+	defaultPath = "/"
+)

 func init() {
 	gob.Register(model.User{})
@ -17,10 +20,6 @@ func init() {

 func SetLoginUser(c *gin.Context, user *model.User) error {
 	s := sessions.Default(c)
-	s.Options(sessions.Options{
-		Path:     "/",
-		HttpOnly: true,
-	})
 	s.Set(loginUser, user)
 	return s.Save()
 }
@ -28,21 +27,25 @@ func SetLoginUser(c *gin.Context, user *model.User) error {
 func SetMaxAge(c *gin.Context, maxAge int) error {
 	s := sessions.Default(c)
 	s.Options(sessions.Options{
-		Path:   "/",
+		Path:     defaultPath,
 		MaxAge:   maxAge,
+		HttpOnly: true,
 	})
 	return s.Save()
 }

 func GetLoginUser(c *gin.Context) *model.User {
 	s := sessions.Default(c)
-	if obj := s.Get(loginUser); obj != nil {
-		if user, ok := obj.(model.User); ok {
-			return &user
-		}
-	}
+	obj := s.Get(loginUser)
+	if obj == nil {
 		return nil
 	}
+	user, ok := obj.(model.User)
+	if !ok {
+		return nil
+	}
+	return &user
+}

 func IsLogin(c *gin.Context) bool {
 	return GetLoginUser(c) != nil
@ -52,12 +55,9 @@ func ClearSession(c *gin.Context) error {
 	s := sessions.Default(c)
 	s.Clear()
 	s.Options(sessions.Options{
-		Path:   "/",
+		Path:     defaultPath,
 		MaxAge:   -1,
+		HttpOnly: true,
 	})
-	if err := s.Save(); err != nil {
-		return err
-	}
-	c.SetCookie("3x-ui", "", -1, "/", "", false, true)
-	return nil
+	return s.Save()
 }