authorTor Andersson <tor@ccxvii.net>2022-04-27 17:44:17 +0200
committerTor Andersson <tor@ccxvii.net>2022-04-30 14:24:48 +0200
commite9ff79d42d2dc55eada4007978250912fd34cbf3 (patch)
tree35f12c3d728abda12d4248d4810b7bc2faa6dee6
parent3010ff24a7b7c16fa13f865d6485f6dadaa8208f (diff)
downloadserver-e9ff79d42d2dc55eada4007978250912fd34cbf3.tar.gz
Allow setting cookie name in .env to distinguish logins on same domain.
-rw-r--r--server.js10
1 files changed, 6 insertions, 4 deletions
diff --git a/server.js b/server.js
index e350a06..f720e95 100644
--- a/server.js
+++ b/server.js
@@ -60,6 +60,8 @@ if (process.env.MAIL_HOST && process.env.MAIL_PORT && process.env.MAIL_FROM) {
* Login session management.
*/
+const COOKIE = (process.env.COOKIE || "login") + "=";
+
db.exec("delete from logins where expires < julianday()");
const login_sql_select = SQL("select user_id from logins where sid = ? and expires > julianday()").pluck();
const login_sql_insert = SQL("insert into logins values (abs(random()) % (1<<48), ?, julianday() + 28) returning sid").pluck();
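Review bot: `COOKIE` takes `process.env.COOKIE` verbatim, and the second hunk then interpolates it into the Set-Cookie value and searches the request header for it. A name containing `;`, `=`, a comma or whitespace would produce a malformed header or a cookie that never matches on the way back in. A startup check such as `if (!/^[A-Za-z0-9_-]+=$/.test(COOKIE)) throw new Error("invalid COOKIE name");` would fail fast on a bad .env. A one-line comment, `// Cookie name plus the trailing "=", e.g. "login="`, would also explain why `COOKIE.length` is used as the value offset later.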
@@ -68,16 +70,16 @@ const login_sql_touch = SQL("update logins set expires = julianday() + 28 where
function make_cookie(sid, age) {
if (SITE_HOST !== "localhost")
- return `login=${sid}; Path=/; Domain=${SITE_HOST}; Max-Age=${age}; HttpOnly`;
- return `login=${sid}; Path=/; Max-Age=${age}; HttpOnly`;
+ return `${COOKIE}${sid}; Path=/; Domain=${SITE_HOST}; Max-Age=${age}; HttpOnly`;
+ return `${COOKIE}${sid}; Path=/; Max-Age=${age}; HttpOnly`;
}
function login_cookie(req) {
let c = req.headers.cookie;
if (c) {
- let i = c.indexOf("login=");
+ let i = c.indexOf(COOKIE);
if (i >= 0)
- return parseInt(c.substring(i+6));
+ return parseInt(c.substring(i+COOKIE.length));
}
return 0;
}
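Review bot: `c.indexOf(COOKIE)` in login_cookie matches the name as a substring anywhere in the Cookie header, so two deployments on one domain whose names overlap (constructed example: `login` and `dev_login`) can read each other's sid, which is the collision this commit sets out to remove. Splitting the header on `;` and comparing each trimmed pair's name from its start avoids that, and passing radix 10 to `parseInt` keeps the parse explicit. Separately, the rebuilt strings in make_cookie still carry no `Secure` or `SameSite` attribute; whether TLS is terminated elsewhere is not visible here, but if the site is served over HTTPS, appending `; Secure; SameSite=Lax` to the non-localhost branch is worth considering.

```javascript
function login_cookie(req) {
	// … unchanged: read req.headers.cookie into c, skip when absent …
		// Compare whole cookie names so a longer name ending in COOKIE cannot match.
		for (let pair of c.split(";")) {
			pair = pair.trim();
			if (pair.startsWith(COOKIE))
				return parseInt(pair.substring(COOKIE.length), 10);
		}
	// … unchanged: fall through to return 0 …
```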