session cookies no longer expire after you close the browser - TODO: "Remember me" flag

7c4ec8d8 · Dominika Liberda · ca2c8b4a · 7c4ec8d8 · 7c4ec8d8
Commit 7c4ec8d8 authored Jul 26, 2020 by Dominika Liberda 💽
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 4 deletions

src/account.sh src/account.sh +4 -4

src/misc.sh src/misc.sh +5 -0

No files found.
--- a/src/account.sh
+++ b/src/account.sh
@@ -14,8 +14,8 @@ function register() {
 	local salt=$(dd if=/dev/urandom bs=256 count=1 | sha1sum | cut -c 1-16)
 	local hash=$(echo -n $2$salt | sha256sum | cut -c 1-64)
 	local token=$(dd if=/dev/urandom bs=32 count=1 | sha1sum | cut -c 1-40)
-	set_cookie "sh_session" $token
-	set_cookie "username" $username
+	set_cookie_permanent "sh_session" $token
+	set_cookie_permanent "username" $username
 	
 	echo "$username:$hash:$salt:$token" >> secret/users.dat
 }
@@ -27,8 +27,8 @@ function login() {
 	local user=($(grep "$username:" secret/users.dat))
 	unset IFS
 	if [[ $(echo -n $2${user[2]} | sha256sum | cut -c 1-64 ) == ${user[1]} ]]; then
-		set_cookie "sh_session" ${user[3]}
-		set_cookie "username" $username
+		set_cookie_permanent "sh_session" ${user[3]}
+		set_cookie_permanent "username" $username
 		return 0
 	else
 		remove_cookie "sh_session"

--- a/src/misc.sh
+++ b/src/misc.sh
@@ -6,6 +6,11 @@ function set_cookie() {
 	r[headers]+="Set-Cookie: $1=$2\r\n"
 }

+# set_cookie_permanent(cookie_name, cookie_content)
+function set_cookie_permanent() {
+	r[headers]+="Set-Cookie: $1=$2; Expires=Mon, 26 Jul 2100 22:45:00 GMT\r\n"
+}
+
 # remove_cookie(cookie_name)
 function remove_cookie() {
 	r[headers]+="Set-Cookie: $1=; Expires=Sat, 02 Apr 2005 20:37:00 GMT\r\n"