From 0ead9b694597f9bc4075588fb30912c590052e2b Mon Sep 17 00:00:00 2001 From: xia-chu <771730766@qq.com> Date: Wed, 25 Feb 2026 11:49:38 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96cookie=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E9=80=BB=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- server/WebApi.cpp | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/server/WebApi.cpp b/server/WebApi.cpp index aabc57e3..f68f6128 100755 --- a/server/WebApi.cpp +++ b/server/WebApi.cpp @@ -2428,12 +2428,7 @@ void installWebApi() { api_regist("/index/api/login", [](API_ARGS_MAP) { auto logined_cookie = HttpCookieManager::Instance().getCookie(kLoginedCookieName, allArgs.getParser().getHeader()); - if (logined_cookie) { - // 已经登录成功 - val["code"] = API::Success; - val["msg"] = "You are already logined"; - return; - } + CHECK_ARGS("digest"); GET_CONFIG(std::string, api_secret, API::kSecret); @@ -2446,11 +2441,19 @@ void installWebApi() { headerOut["Set-Cookie"] = unlogin_cookie->getCookie(kLoginCookiePath); } val["cookie"] = unlogin_cookie->getCookie(); + if (logined_cookie) { + // secret校验失败,注销登录 + logined_cookie->setExpired(); + HttpCookieManager::Instance().delCookie(logined_cookie); + headerOut.emplace_force("Set-Cookie", logined_cookie->getCookie(kLoginCookiePath)); + } throw AuthException("Digest does not match, incorrect secret?", headerOut, val); } - // 登录成功, cookie保持24小时 - logined_cookie = HttpCookieManager::Instance().addCookie(kLoginedCookieName, "", kLoginedCookieLifeSeconds); - headerOut["Set-Cookie"] = logined_cookie->getCookie(kLoginCookiePath); + if (!logined_cookie) { + // 未登陆状态,设置登录成功, cookie保持24小时 + logined_cookie = HttpCookieManager::Instance().addCookie(kLoginedCookieName, "", kLoginedCookieLifeSeconds); + headerOut["Set-Cookie"] = logined_cookie->getCookie(kLoginCookiePath); + } // 删除未登录状态的cookie unlogin_cookie->setExpired();