diff --git a/internal/webserver/controller/auth/signin.go b/internal/webserver/controller/auth/signin.go
index d2ee251..0e60f3c 100644
--- a/internal/webserver/controller/auth/signin.go
+++ b/internal/webserver/controller/auth/signin.go
@@ -41,7 +41,7 @@ func (a *Controller) SignIn(c *fiber.Ctx) error {
 Name: "coreander",
 Value: signedToken,
 Path: "/",
- Expires: expiration,
+ MaxAge: int(a.config.SessionTimeout.Seconds()),
 Secure: false,
 HTTPOnly: true,
 })
diff --git a/internal/webserver/controller/auth/signout.go b/internal/webserver/controller/auth/signout.go
index b185e72..4b99281 100644
--- a/internal/webserver/controller/auth/signout.go
+++ b/internal/webserver/controller/auth/signout.go
@@ -2,7 +2,6 @@ package auth
 import (
 "fmt"
- "time"
 "github.com/gofiber/fiber/v2"
 )
@@ -11,9 +10,9 @@ import (
 func (a *Controller) SignOut(c *fiber.Ctx) error {
 c.Cookie(&fiber.Cookie{
 Name: "coreander",
- Value: "",
+ Value: "void",
 Path: "/",
- Expires: time.Now().Add(-time.Second * 10),
+ MaxAge: -1,
 Secure: false,
 HTTPOnly: true,
 })
diff --git a/internal/webserver/controller/user/update.go b/internal/webserver/controller/user/update.go
index d048ebd..056a3b3 100644
--- a/internal/webserver/controller/user/update.go
+++ b/internal/webserver/controller/user/update.go
@@ -75,7 +75,7 @@ func (u *Controller) updateUserData(c *fiber.Ctx, user *model.User, session mode
 Name: "coreander",
 Value: signedToken,
 Path: "/",
- Expires: expiration,
+ MaxAge: int(session.Exp),
 Secure: false,
 HTTPOnly: true,
 })
diff --git a/internal/webserver/middleware.go b/internal/webserver/middleware.go
index 9c30671..f234c43 100644
--- a/internal/webserver/middleware.go
+++ b/internal/webserver/middleware.go
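Review bot: The session cookie that carries the signed JWT is still written with `Secure: false` on the context line just below the new `MaxAge`, so browsers will also send it over plain HTTP; the same literal appears in the SignOut hunk in signout.go and the updateUserData hunk in update.go. Consider deriving it from the request or from configuration, for example `Secure: c.Protocol() == "https",`, keeping in mind that behind a TLS-terminating proxy this depends on how fiber is configured to trust forwarded headers. Separately, `int(a.config.SessionTimeout.Seconds())` truncates to 0 for a zero or sub-second timeout, and with `Expires` gone that would presumably leave a browser-session cookie rather than a timed one, so a guard or a comment on the expected minimum would help. The `c.Cookie(` call and the rest of SignIn lie outside the hunk.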
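Review bot: `Value: "void"` introduces a sentinel that `forbidden` in middleware.go compares against as a second string literal, so the two can drift apart silently; a shared constant with a comment such as `// cookie value written on sign-out; lets forbidden() skip the "session expired" message` would tie them together. It is also worth confirming on the wire that `MaxAge: -1` without `Expires` yields a Set-Cookie header that actually expires the cookie: as far as I recall fasthttp only serializes a positive max-age, in which case the browser would keep `coreander=void` as a session cookie rather than delete it. Either way sign-out only changes the client's copy, so a token copied before logout presumably stays valid until its own expiry. SignOut's body continues past the end of the hunk.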
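Review bot: `MaxAge: int(session.Exp)` passes what looks like the session's expiry claim where a lifetime in seconds is expected, unlike signin.go, which uses `a.config.SessionTimeout.Seconds()`. If `Exp` is an absolute Unix timestamp, as the name suggests, the browser would be told to retain the cookie for decades, far beyond the token's own validity. Assuming Unix seconds, something like `MaxAge: int(time.Until(time.Unix(int64(session.Exp), 0)).Seconds()),` would keep the cookie and token lifetimes aligned; please confirm the field's type and unit, since `model.Session` is not visible here. updateUserData begins and ends outside the hunk.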
@@ -111,10 +111,9 @@ func forbidden(c *fiber.Ctx, sender Sender, err error) error {
 emailSendingConfigured = false
 }
 message := ""
- if err.Error() != "missing or malformed JWT" {
+ if err.Error() != "missing or malformed JWT" && c.Cookies("coreander") != "void" {
 message = "Session expired, please log in again."
 }
-
 return c.Status(fiber.StatusForbidden).Render("auth/login", fiber.Map{
 "Lang": chooseBestLanguage(c),
 "Title": "Login",
diff --git a/internal/webserver/routes.go b/internal/webserver/routes.go
index ebb1535..e9a8f65 100644
--- a/internal/webserver/routes.go
+++ b/internal/webserver/routes.go
@@ -72,6 +72,7 @@ func routes(app *fiber.App, controllers Controllers, jwtSecret []byte, sender Se
 langGroup.Get("/logout", alwaysRequireAuthentication, controllers.Auth.SignOut)
 // Authentication requirement is configurable for all routes below this middleware
+ langGroup.Use(configurableAuthentication)
 app.Use(configurableAuthentication)
 app.Get("/cover/:slug", controllers.Documents.Cover)
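Review bot: The new condition chooses the login-page message by comparing `err.Error()` with a fixed string and the raw cookie with the literal `"void"`, and both checks break silently if the JWT middleware rewords its error or the sign-out value changes. If the middleware exports a sentinel error, `errors.Is(err, <sentinel>)` would be sturdier, and the `"void"` literal deserves a comment such as `// "void" is the value SignOut writes; do not report an expired session after a deliberate logout`. Because the cookie value is supplied by the client, this branch should stay limited to choosing the message and never gate access. `forbidden` starts before and continues after the hunk.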
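Review bot: Registering `configurableAuthentication` on `langGroup` directly before the existing `app.Use(configurableAuthentication)` changes which language-prefixed routes are authenticated, yet the comment above still reads as if a single middleware covered everything below it. A comment stating why both registrations are needed, for example `// registered on langGroup as well so that routes added to the group below are covered`, would record the intent, if that is indeed the reason. Requests that match the group prefix may now pass through the middleware twice, so it is worth checking that it is idempotent. A test asserting that a `langGroup` route below this line is refused without a valid cookie when authentication is required would guard against regressions. The body of `routes` extends beyond the hunk on both sides.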