fix: logout

fix: change token name and same site lax rule
fix: http auth
2026-02-25 05:00:49 +08:00 · 2024-09-02 14:07:47 +08:00 · 2024-09-02 13:59:36 +08:00 · 2024-09-02 13:45:49 +08:00
1 changed files with 6 additions and 8 deletions
--- a/server/auth.go
+++ b/server/auth.go
@@ -22,7 +22,7 @@ func (s *Server) authModdleware(c *gin.Context) {
 		c.Next()
 		return
 	}
-	token, err := c.Cookie("token")
+	token, err := c.Cookie("polaris_token")
 	if err != nil {
 		log.Errorf("token error: %v", err)
 		c.AbortWithStatus(http.StatusForbidden)
@@ -90,11 +90,9 @@ func (s *Server) Login(c *gin.Context) (interface{}, error) {
 	if err != nil {
 		return nil, errors.Wrap(err, "sign")
 	}
-	c.SetSameSite(http.SameSiteNoneMode)
-	c.SetCookie("token", sig, 0, "/", "", true, false)
-	return gin.H{
-		"token": sig,
-	}, nil
+	c.SetSameSite(http.SameSiteLaxMode)
+	c.SetCookie("polaris_token", sig, 0, "/", "", false, false)
+	return "success", nil
 }

 func (s *Server) Logout(c *gin.Context) (interface{}, error) {
@@ -102,8 +100,8 @@ func (s *Server) Logout(c *gin.Context) (interface{}, error) {
 		return nil, errors.New( "auth is not enabled")
 	}

-	c.SetSameSite(http.SameSiteNoneMode)
-	c.SetCookie("token", "", -1, "/", "", true, false)
+	c.SetSameSite(http.SameSiteLaxMode)
+	c.SetCookie("polaris_token", "", -1, "/", "", false, false)
 	return nil, nil
 }
Author	SHA1	Message	Date
Simon Ding	ca414a73ff	fix: logout	2024-09-02 14:07:47 +08:00
Simon Ding	32b595e116	fix: change token name and same site lax rule	2024-09-02 13:59:36 +08:00
Simon Ding	b12bbd2ad9	fix: http auth	2024-09-02 13:45:49 +08:00