diff options
| author | unwox <me@unwox.com> | 2025-09-05 10:47:00 +0600 |
|---|---|---|
| committer | unwox <me@unwox.com> | 2025-09-05 13:45:33 +0600 |
| commit | 3b670a0253f73cbf1f765b4fcd304e21ff4370ca (patch) | |
| tree | cdb31945ff5cb9760c391514a930bf4e931feeb3 | |
| parent | 996f9a20ad329dfc8bb35945b44471bfae315ada (diff) | |
fix auth cookie expiration datetime
| -rw-r--r-- | pages/auth.fnl | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/pages/auth.fnl b/pages/auth.fnl index fc35be0..9cb7a66 100644 --- a/pages/auth.fnl +++ b/pages/auth.fnl @@ -20,15 +20,13 @@ [:h2 {} "Войти"] (forms.render-form auth-form data errors)])]) -(fn create-session [db user] +(fn create-session [db user expires-at] (local id (_G.must (luna.crypto.random-string 64))) - (local next-week (os.date "%Y-%m-%d %H:%M:%S" - (+ (os.time) (* 60 60 24 7)))) (_G.must (luna.db.exec db "INSERT INTO auth_sessions (id, user, creation_time, expires_at) VALUES (?, ?, ?, ?)" - [id user (lib.now) next-week])) + [id user (lib.now) expires-at])) id) @@ -57,10 +55,13 @@ {:password "Пользователя с таким именем и паролем не существует."} nil)] (if correct-creds? - (do - (local session-id (create-session db name)) + (let [next-week (+ (os.time) (* 60 60 24 7)) + session-id (create-session + db name (os.date "%Y-%m-%d %H:%M:%S" next-week)) + cookie-expires (os.date "%a, %d %b %Y %H:%M:%S GMT" next-week)] (values 302 {:Location "/shop" - :Set-Cookie (.. "auth= " session-id "; HttpOnly; SameSite=strict" + :Set-Cookie (.. "auth= " session-id "; HttpOnly; SameSite=strict;" + "Expires=" cookie-expires (if luna.debug? "" "; Secure"))} "")) (values 200 {} (templates.base (content request.form errors))))) (values 200 {} (templates.base (content {} {})))))) |