userpage: store refresh token separately

Storing it as "user-refresh" fixes odd behaviour when two accounts are logged
in.
user-page
Harvey Tindall 1 year ago
parent 5beeeb958b
commit 75dc9d4d1d
No known key found for this signature in database
GPG Key ID: BBC65952848FB1A2

@ -94,7 +94,7 @@ func (app *appContext) SetMyContactMethods(gc *gin.Context) {
// @Security Bearer // @Security Bearer
// @tags User Page // @tags User Page
func (app *appContext) LogoutUser(gc *gin.Context) { func (app *appContext) LogoutUser(gc *gin.Context) {
cookie, err := gc.Cookie("refresh") cookie, err := gc.Cookie("user-refresh")
if err != nil { if err != nil {
app.debug.Printf("Couldn't get cookies: %s", err) app.debug.Printf("Couldn't get cookies: %s", err)
respond(500, "Couldn't fetch cookies", gc) respond(500, "Couldn't fetch cookies", gc)

@ -237,9 +237,9 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
gc.JSON(200, getTokenDTO{token}) gc.JSON(200, getTokenDTO{token})
} }
func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context) (claims jwt.MapClaims, ok bool) { func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context, cookieName string) (claims jwt.MapClaims, ok bool) {
ok = false ok = false
cookie, err := gc.Cookie("refresh") cookie, err := gc.Cookie(cookieName)
if err != nil || cookie == "" { if err != nil || cookie == "" {
app.debug.Printf("getTokenRefresh denied: Couldn't get token: %s", err) app.debug.Printf("getTokenRefresh denied: Couldn't get token: %s", err)
respond(400, "Couldn't get token", gc) respond(400, "Couldn't get token", gc)
@ -285,7 +285,7 @@ func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context) (claims jwt.
// @tags Auth // @tags Auth
func (app *appContext) getTokenRefresh(gc *gin.Context) { func (app *appContext) getTokenRefresh(gc *gin.Context) {
app.debug.Println("Token requested (refresh token)") app.debug.Println("Token requested (refresh token)")
claims, ok := app.decodeValidateRefreshCookie(gc) claims, ok := app.decodeValidateRefreshCookie(gc, "refresh")
if !ok { if !ok {
return return
} }
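Review bot: The `cookieName` parameter added to decodeValidateRefreshCookie is the only thing that now separates the admin `refresh` flow from the user `user-refresh` flow, yet the parameter is undocumented and the error path at the same place still logs `getTokenRefresh denied: ...` for both callers; suggest `// cookieName selects which refresh cookie is decoded: "refresh" for the admin flow, "user-refresh" for the user-page flow (see getUserTokenRefresh).` and a log message that names the cookie rather than one caller. The two cookie names are also repeated as bare literals here and in the second file (getUserTokenLogin and getUserTokenRefresh), so a pair of package-level constants, e.g. `const refreshCookieName = "refresh"` / `const userRefreshCookieName = "user-refresh"`, would stop the old/new name mix-up this commit fixes from recurring. LogoutUser's body continues past the hunk; if a later SetCookie that clears the session still names `refresh` on the `/my` path, the `user-refresh` cookie read here would survive logout, which is worth checking.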

@ -60,7 +60,7 @@ func (app *appContext) getUserTokenLogin(gc *gin.Context) {
} }
app.debug.Printf("Token generated for non-admin user \"%s\"", username) app.debug.Printf("Token generated for non-admin user \"%s\"", username)
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true) gc.SetCookie("user-refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true)
gc.JSON(200, getTokenDTO{token}) gc.JSON(200, getTokenDTO{token})
} }
@ -79,7 +79,7 @@ func (app *appContext) getUserTokenRefresh(gc *gin.Context) {
} }
app.info.Println("UserToken request (refresh token)") app.info.Println("UserToken request (refresh token)")
claims, ok := app.decodeValidateRefreshCookie(gc) claims, ok := app.decodeValidateRefreshCookie(gc, "user-refresh")
if !ok { if !ok {
return return
} }
@ -93,6 +93,6 @@ func (app *appContext) getUserTokenRefresh(gc *gin.Context) {
return return
} }
gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true) gc.SetCookie("user-refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/my", gc.Request.URL.Hostname(), true, true)
gc.JSON(200, getTokenDTO{jwt}) gc.JSON(200, getTokenDTO{jwt})
} }
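Review bot: The renamed `user-refresh` cookie is still written with no SameSite attribute in either SetCookie call (getUserTokenLogin and getUserTokenRefresh); unless `gc.SetSameSite` is applied elsewhere on this context, a refresh credential is sent on cross-site requests, so `gc.SetSameSite(http.SameSiteStrictMode)` before the SetCookie (or a comment saying where it is set) would make the policy explicit. The domain argument `gc.Request.URL.Hostname()` is likely empty for an inbound server request, since net/http normally leaves URL.Host unset there, which makes the cookie host-only by accident rather than by design; passing `""` with a comment such as `// host-only cookie; domain deliberately empty` would record the intent. Both enclosing functions start outside their hunks.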
