中控
This commit is contained in:
@@ -32,6 +32,7 @@ from settings_store import (
|
||||
from hub_web_auth import (
|
||||
SESSION_COOKIE,
|
||||
SESSION_MAX_AGE_SEC,
|
||||
clear_session_cookie,
|
||||
cookie_secure_for_request,
|
||||
create_session_token,
|
||||
embed_allowed,
|
||||
@@ -211,8 +212,9 @@ def api_auth_login(body: LoginBody, request: Request):
|
||||
if not verify_credentials(body.username, body.password):
|
||||
raise HTTPException(status_code=401, detail="用户名或密码错误")
|
||||
token = create_session_token(body.username)
|
||||
resp = JSONResponse({"ok": True, "session_token": token})
|
||||
set_session_cookie(resp, request, token)
|
||||
embed = (request.headers.get("x-hub-embed") or "").strip() == "1"
|
||||
resp = JSONResponse({"ok": True, "session_token": token, "embed": embed})
|
||||
set_session_cookie(resp, request, token, embed=embed)
|
||||
return resp
|
||||
|
||||
|
||||
@@ -231,15 +233,15 @@ def embed_auth_login(request: Request, token: str = "", next: str = "/monitor"):
|
||||
q = urlencode({"next": dest, "embed": "1"})
|
||||
return RedirectResponse(f"/login?{q}", status_code=302)
|
||||
resp = RedirectResponse(dest, status_code=302)
|
||||
set_session_cookie(resp, request, token)
|
||||
set_session_cookie(resp, request, token, embed=True)
|
||||
return resp
|
||||
|
||||
|
||||
@app.post("/api/auth/logout")
|
||||
def api_auth_logout(request: Request):
|
||||
secure = cookie_secure_for_request(request)
|
||||
embed = (request.headers.get("x-hub-embed") or "").strip() == "1"
|
||||
resp = JSONResponse({"ok": True})
|
||||
resp.delete_cookie(SESSION_COOKIE, path="/", secure=secure)
|
||||
clear_session_cookie(resp, request, embed=embed)
|
||||
return resp
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user