jwt in headers+localstorage instead of httpOnly cookie (#117)

Marco
2023-12-27 14:32:08 +01:00
committed by GitHub
parent f7ba203ed0
commit c5535fad71
14 changed files with 125 additions and 155 deletions


@@ -30,7 +30,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
)
if username != req.Username || password != req.Password {
http.Error(w, err.Error(), http.StatusBadRequest)
http.Error(w, "invalid username or password", http.StatusBadRequest)
return
}
@@ -47,18 +47,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
return
}
cookie := &http.Cookie{
Name: utils.TOKEN_COOKIE_NAME,
HttpOnly: true,
Secure: false,
Expires: expiresAt, // 30 days
Value: tokenString,
Path: "/",
}
http.SetCookie(w, cookie)
if err := json.NewEncoder(w).Encode("ok"); err != nil {
if err := json.NewEncoder(w).Encode(tokenString); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
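Review bot: The token is now written straight into the response body by `json.NewEncoder(w).Encode(tokenString)` with no cache or content-type headers, so a bearer credential can be kept by a browser or intermediary cache. Set `w.Header().Set("Cache-Control", "no-store")` and `w.Header().Set("Content-Type", "application/json")` before encoding. Dropping the `HttpOnly` cookie also means the token, kept in localStorage per the commit title, is readable by any script running on the origin. The removed `Expires` line notes a 30-day lifetime; if the token's own expiry matches it (not visible here), it is worth shortening. `Login` begins before and may continue after these hunks.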