mirror of
https://github.com/grafana/grafana.git
synced 2025-02-25 18:55:37 -06:00
fix: change to remember me cookie encoding
This commit is contained in:
parent
aee4af2148
commit
b780415f25
@ -11,7 +11,6 @@ import (
|
||||
"github.com/grafana/grafana/pkg/middleware"
|
||||
m "github.com/grafana/grafana/pkg/models"
|
||||
"github.com/grafana/grafana/pkg/setting"
|
||||
"github.com/grafana/grafana/pkg/util"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -79,8 +78,7 @@ func tryLoginUsingRememberCookie(c *middleware.Context) bool {
|
||||
user := userQuery.Result
|
||||
|
||||
// validate remember me cookie
|
||||
if val, _ := c.GetSuperSecureCookie(
|
||||
util.EncodeMd5(user.Rands+user.Password), setting.CookieRememberName); val != user.Login {
|
||||
if val, _ := c.GetSuperSecureCookie(user.Rands+user.Password, setting.CookieRememberName); val != user.Login {
|
||||
return false
|
||||
}
|
||||
|
||||
@ -142,7 +140,7 @@ func loginUserWithUser(user *m.User, c *middleware.Context) {
|
||||
days := 86400 * setting.LogInRememberDays
|
||||
if days > 0 {
|
||||
c.SetCookie(setting.CookieUserName, user.Login, days, setting.AppSubUrl+"/")
|
||||
c.SetSuperSecureCookie(util.EncodeMd5(user.Rands+user.Password), setting.CookieRememberName, user.Login, days, setting.AppSubUrl+"/")
|
||||
c.SetSuperSecureCookie(user.Rands+user.Password, setting.CookieRememberName, user.Login, days, setting.AppSubUrl+"/")
|
||||
}
|
||||
|
||||
c.Session.Set(middleware.SESS_KEY_USERID, user.Id)
|
||||
|
Loading…
Reference in New Issue
Block a user