diff options
author | Tor Andersson <tor@ccxvii.net> | 2022-04-27 17:44:17 +0200 |
---|---|---|
committer | Tor Andersson <tor@ccxvii.net> | 2022-04-30 14:24:48 +0200 |
commit | e9ff79d42d2dc55eada4007978250912fd34cbf3 (patch) | |
tree | 35f12c3d728abda12d4248d4810b7bc2faa6dee6 | |
parent | 3010ff24a7b7c16fa13f865d6485f6dadaa8208f (diff) | |
download | server-e9ff79d42d2dc55eada4007978250912fd34cbf3.tar.gz |
Allow setting cookie name in .env to distinguish logins on same domain.
-rw-r--r-- | server.js | 10 |
1 files changed, 6 insertions, 4 deletions
@@ -60,6 +60,8 @@ if (process.env.MAIL_HOST && process.env.MAIL_PORT && process.env.MAIL_FROM) { * Login session management. */ +const COOKIE = (process.env.COOKIE || "login") + "="; + db.exec("delete from logins where expires < julianday()"); const login_sql_select = SQL("select user_id from logins where sid = ? and expires > julianday()").pluck(); const login_sql_insert = SQL("insert into logins values (abs(random()) % (1<<48), ?, julianday() + 28) returning sid").pluck(); @@ -68,16 +70,16 @@ const login_sql_touch = SQL("update logins set expires = julianday() + 28 where function make_cookie(sid, age) { if (SITE_HOST !== "localhost") - return `login=${sid}; Path=/; Domain=${SITE_HOST}; Max-Age=${age}; HttpOnly`; - return `login=${sid}; Path=/; Max-Age=${age}; HttpOnly`; + return `${COOKIE}${sid}; Path=/; Domain=${SITE_HOST}; Max-Age=${age}; HttpOnly`; + return `${COOKIE}${sid}; Path=/; Max-Age=${age}; HttpOnly`; } function login_cookie(req) { let c = req.headers.cookie; if (c) { - let i = c.indexOf("login="); + let i = c.indexOf(COOKIE); if (i >= 0) - return parseInt(c.substring(i+6)); + return parseInt(c.substring(i+COOKIE.length)); } return 0; } |