From f3c76ef8e1b0c8b3cf52bb772b6b3691afcad5d6 Mon Sep 17 00:00:00 2001 From: nishi Date: Wed, 8 May 2024 03:35:59 +0000 Subject: [PATCH] fix git-svn-id: file:///raid/svn-main/nishi-mandshurica/trunk@64 f982e544-4a7d-3444-ad1a-fde59a2a69f1 --- Module/http.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/Module/http.c b/Module/http.c index fd24422..caf4681 100644 --- a/Module/http.c +++ b/Module/http.c @@ -199,8 +199,8 @@ void http_handler(int sock) { char* usr = mandshurica_parse_form(postbuf, "username"); char* pwd = mandshurica_parse_form(postbuf, "password"); if(usr != NULL && pwd != NULL) { - char* ptr; - int res = mod_auth(usr, pwd, &ptr); + char* token; + int res = mod_auth(usr, pwd, &token); if(res == MS_AUTH_OK) { char* type; uint64_t len; @@ -245,6 +245,11 @@ void http_handler(int sock) { send(sock, lenstr, strlen(lenstr), 0); free(lenstr); + send(sock, "\r\n", 2, 0); + send(sock, "Set-Cookie: ", 11, 0); + send(sock, "TOKEN=", 6, 0); + send(sock, token, strlen(token), 0); + send(sock, "; HttpOnly", 10, 0); send(sock, "\r\n", 2, 0); send(sock, "\r\n", 2, 0); send(sock, data, len, 0); @@ -253,9 +258,14 @@ void http_handler(int sock) { send(sock, "HTTP/1.1 200 OK\r\n", 9 + 8, 0); send(sock, "Connection: keep-alive\r\n", 24, 0); send(sock, "Content-Length: 0\r\n", 19, 0); + send(sock, "Set-Cookie: ", 11, 0); + send(sock, "TOKEN=", 6, 0); + send(sock, token, strlen(token), 0); + send(sock, "; HttpOnly", 10, 0); + send(sock, "\r\n", 2, 0); send(sock, "\r\n", 2, 0); } - free(ptr); + free(token); } else if(res == MS_AUTH_ERROR) { send(sock, "HTTP/1.1 400 Bad Request\r\n", 17 + 9, 0); send(sock, "Connection: keep-alive\r\n", 24, 0); -- 2.43.0