add cross cookie login.

This commit is contained in:
amass 2024-06-16 13:37:26 +00:00
parent 702b4a3358
commit 9e3bf28451
3 changed files with 24 additions and 4 deletions

View File

@ -260,8 +260,6 @@ http {
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
# access_by_lua_file lua/authentication.lua;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
@ -272,6 +270,7 @@ http {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://frp_http_proxy;
access_by_lua_file lua/authentication.lua;
}
}
@ -339,7 +338,7 @@ http {
content_by_lua_file lua/profile.lua;
}
location /api/v1/login {
location ^~ /api/v1/login {
default_type 'application/json; charset=utf-8';
content_by_lua_file lua/login.lua;
}

View File

@ -2,6 +2,25 @@ local cjson = require "cjson"
local password_path = "password.txt"
local function add_domain(cookies, key, domain)
if type(cookies) == "string" then -- 确保 set_cookies 是一个表
cookies = { cookies }
end
local new_cookies = {} -- 查找并修改名为 'remember' 的 Cookie
for _, cookie in ipairs(cookies) do
local cookie_key, value = string.match(cookie, "^%s*(.-)%s*=%s*(.-)%s*;")
if cookie_key == key then
local new_cookie = value .. "; Domain=" .. domain .. "; Path=/; HttpOnly"
table.insert(new_cookies, key.."=" .. new_cookie)
else
table.insert(new_cookies, cookie)
end
end
return new_cookies;
end
ngx.req.read_body()
local body = ngx.req.get_body_data()
@ -49,6 +68,8 @@ if credentials[user_account] == user_password then
session:set("account", user_account)
session:set("authenticated", true)
session:save()
ngx.header["Set-Cookie"] = add_domain(ngx.header["Set-Cookie"], "remember", ".amass.fun");
else
reply.status = -100
reply.message = "登录失败"

View File

@ -40,7 +40,7 @@ function deploy() {
echo "build backend failed ..."
exit 1
fi
rsync -azv build/Server/HttpServer Server/conf root@amass.fun:${server_location}
rsync -azv build/Server/HttpServer Server/conf Server/lua root@amass.fun:${server_location}
ssh root@amass.fun "pkill HttpServer; source /etc/profile && \
openresty -p ${server_location} -s reload && \
cd ${server_location}; \