aunix/ZLMediaKit
1
0
Fork 0
mirror of https://gitee.com/xia-chu/ZLMediaKit.git synced 2026-05-06 10:57:50 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

优化cookie登录逻辑
Some checks failed
Android / build (push) Has been cancelled
Details
CodeQL / Analyze (cpp) (push) Has been cancelled
Details
CodeQL / Analyze (javascript) (push) Has been cancelled
Details
Docker / build (push) Has been cancelled
Details
Linux / build (push) Has been cancelled
Details
Linux_Python / build (push) Has been cancelled
Details
macOS / build (push) Has been cancelled
Details
macOS_Python / build (push) Has been cancelled
Details
Windows / build (push) Has been cancelled
Details
Windows_Python / build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
xia-chu 2026-02-25 11:49:38 +08:00
parent 3514376a97
commit 0ead9b6945
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
server/WebApi.cpp
View File

@ -2428,12 +2428,7 @@ void installWebApi() {
api_regist("/index/api/login", [](API_ARGS_MAP) {
auto logined_cookie = HttpCookieManager::Instance().getCookie(kLoginedCookieName, allArgs.getParser().getHeader());
if (logined_cookie) {
// 已经登录成功
val["code"] = API::Success;
val["msg"] = "You are already logined";
return;
}
CHECK_ARGS("digest");
GET_CONFIG(std::string, api_secret, API::kSecret);
@ -2446,11 +2441,19 @@ void installWebApi() {
headerOut["Set-Cookie"] = unlogin_cookie->getCookie(kLoginCookiePath);
}
val["cookie"] = unlogin_cookie->getCookie();
if (logined_cookie) {
// secret校验失败注销登录
logined_cookie->setExpired();
HttpCookieManager::Instance().delCookie(logined_cookie);
headerOut.emplace_force("Set-Cookie", logined_cookie->getCookie(kLoginCookiePath));
}
throw AuthException("Digest does not match, incorrect secret?", headerOut, val);
}
// 登录成功, cookie保持24小时
logined_cookie = HttpCookieManager::Instance().addCookie(kLoginedCookieName, "", kLoginedCookieLifeSeconds);
headerOut["Set-Cookie"] = logined_cookie->getCookie(kLoginCookiePath);
if (!logined_cookie) {
// 未登陆状态,设置登录成功, cookie保持24小时
logined_cookie = HttpCookieManager::Instance().addCookie(kLoginedCookieName, "", kLoginedCookieLifeSeconds);
headerOut["Set-Cookie"] = logined_cookie->getCookie(kLoginCookiePath);
}
// 删除未登录状态的cookie
unlogin_cookie->setExpired();