From 3b670a0253f73cbf1f765b4fcd304e21ff4370ca Mon Sep 17 00:00:00 2001 From: unwox Date: Fri, 5 Sep 2025 10:47:00 +0600 Subject: fix auth cookie expiration datetime --- pages/auth.fnl | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'pages') diff --git a/pages/auth.fnl b/pages/auth.fnl index fc35be0..9cb7a66 100644 --- a/pages/auth.fnl +++ b/pages/auth.fnl @@ -20,15 +20,13 @@ [:h2 {} "Войти"] (forms.render-form auth-form data errors)])]) -(fn create-session [db user] +(fn create-session [db user expires-at] (local id (_G.must (luna.crypto.random-string 64))) - (local next-week (os.date "%Y-%m-%d %H:%M:%S" - (+ (os.time) (* 60 60 24 7)))) (_G.must (luna.db.exec db "INSERT INTO auth_sessions (id, user, creation_time, expires_at) VALUES (?, ?, ?, ?)" - [id user (lib.now) next-week])) + [id user (lib.now) expires-at])) id) @@ -57,10 +55,13 @@ {:password "Пользователя с таким именем и паролем не существует."} nil)] (if correct-creds? - (do - (local session-id (create-session db name)) + (let [next-week (+ (os.time) (* 60 60 24 7)) + session-id (create-session + db name (os.date "%Y-%m-%d %H:%M:%S" next-week)) + cookie-expires (os.date "%a, %d %b %Y %H:%M:%S GMT" next-week)] (values 302 {:Location "/shop" - :Set-Cookie (.. "auth= " session-id "; HttpOnly; SameSite=strict" + :Set-Cookie (.. "auth= " session-id "; HttpOnly; SameSite=strict;" + "Expires=" cookie-expires (if luna.debug? "" "; Secure"))} "")) (values 200 {} (templates.base (content request.form errors))))) (values 200 {} (templates.base (content {} {})))))) -- cgit v1.2.3