mirror of
https://github.com/plan-player-analytics/Plan.git
synced 2024-12-21 05:50:18 +08:00
Fixed cookie expiry issues
- Fixed cookie cleanup task expiring cookies right away due to wrong way < sign
- Fixed cookies not being removed from browser due to Max-Age=1 instead of Max-Age=0

Affects issues:
- Fixed #2236
parent
ecff809785
commit
d831bdc9e5
@ -146,7 +146,7 @@ public class RequestHandler implements HttpHandler {
|
|||||||
String directTo = StringUtils.startsWithAny(from, "/auth/", "/login") ? "/login" : "/login?from=." + from;
|
String directTo = StringUtils.startsWithAny(from, "/auth/", "/login") ? "/login" : "/login?from=." + from;
|
||||||
response = Response.builder()
|
response = Response.builder()
|
||||||
.redirectTo(directTo)
|
.redirectTo(directTo)
|
||||||
.setHeader("Set-Cookie", "auth=expired; Path=/; Max-Age=1; SameSite=Lax; Secure;")
|
.setHeader("Set-Cookie", "auth=expired; Path=/; Max-Age=0; SameSite=Lax; Secure;")
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
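Review bot: The expiry header on the `.setHeader("Set-Cookie", ...)` line keeps `Secure`, and browsers ignore a `Set-Cookie` that carries `Secure` when the response arrives over plain HTTP, so on a non-HTTPS deployment this header would clear nothing. Whether the web server can run without HTTPS, and which attributes the `auth` cookie is issued with, are not visible in this hunk, so check this against the code that sets the cookie. A comment above the line would record the constraint: `// Attributes must mirror those used when the auth cookie is issued, otherwise the browser keeps the old cookie`. The same applies to the header in LogoutResolver.getResponse. The enclosing method starts outside the hunk.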
@ -17,9 +17,12 @@
|
|||||||
package com.djrapitops.plan.delivery.webserver.auth;
|
package com.djrapitops.plan.delivery.webserver.auth;
|
||||||
|
|
||||||
import com.djrapitops.plan.TaskSystem;
|
import com.djrapitops.plan.TaskSystem;
|
||||||
|
import com.djrapitops.plan.settings.config.PlanConfig;
|
||||||
|
import com.djrapitops.plan.settings.config.paths.PluginSettings;
|
||||||
import dagger.Lazy;
|
import dagger.Lazy;
|
||||||
import net.playeranalytics.plugin.scheduling.RunnableFactory;
|
import net.playeranalytics.plugin.scheduling.RunnableFactory;
|
||||||
import net.playeranalytics.plugin.scheduling.TimeAmount;
|
import net.playeranalytics.plugin.scheduling.TimeAmount;
|
||||||
|
import net.playeranalytics.plugin.server.PluginLogger;
|
||||||
|
|
||||||
import javax.inject.Inject;
|
import javax.inject.Inject;
|
||||||
import javax.inject.Singleton;
|
import javax.inject.Singleton;
|
||||||
@ -32,13 +35,17 @@ import java.util.concurrent.TimeUnit;
|
|||||||
@Singleton
|
@Singleton
|
||||||
public class ActiveCookieExpiryCleanupTask extends TaskSystem.Task {
|
public class ActiveCookieExpiryCleanupTask extends TaskSystem.Task {
|
||||||
|
|
||||||
|
private final PlanConfig config;
|
||||||
private final Lazy<ActiveCookieStore> activeCookieStore;
|
private final Lazy<ActiveCookieStore> activeCookieStore;
|
||||||
|
private final PluginLogger logger;
|
||||||
|
|
||||||
private final Map<String, Long> expiryDates;
|
private final Map<String, Long> expiryDates;
|
||||||
|
|
||||||
@Inject
|
@Inject
|
||||||
public ActiveCookieExpiryCleanupTask(Lazy<ActiveCookieStore> activeCookieStore) {
|
public ActiveCookieExpiryCleanupTask(PlanConfig config, Lazy<ActiveCookieStore> activeCookieStore, PluginLogger logger) {
|
||||||
|
this.config = config;
|
||||||
this.activeCookieStore = activeCookieStore;
|
this.activeCookieStore = activeCookieStore;
|
||||||
|
this.logger = logger;
|
||||||
this.expiryDates = new ConcurrentHashMap<>();
|
this.expiryDates = new ConcurrentHashMap<>();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -56,14 +63,21 @@ public class ActiveCookieExpiryCleanupTask extends TaskSystem.Task {
|
|||||||
Set<String> removed = new HashSet<>();
|
Set<String> removed = new HashSet<>();
|
||||||
for (Map.Entry<String, Long> entry : expiryDates.entrySet()) {
|
for (Map.Entry<String, Long> entry : expiryDates.entrySet()) {
|
||||||
Long expiryTime = entry.getValue();
|
Long expiryTime = entry.getValue();
|
||||||
if (expiryTime >= time) {
|
if (config.isTrue(PluginSettings.DEV_MODE)) {
|
||||||
|
logger.info("Cookie " + entry.getKey() + " will expire " + expiryTime);
|
||||||
|
}
|
||||||
|
if (expiryTime <= time) {
|
||||||
String cookie = entry.getKey();
|
String cookie = entry.getKey();
|
||||||
activeCookieStore.get().removeCookie(cookie);
|
activeCookieStore.get().removeCookie(cookie);
|
||||||
|
removed.add(cookie);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
for (String removedCookie : removed) {
|
for (String removedCookie : removed) {
|
||||||
expiryDates.remove(removedCookie);
|
expiryDates.remove(removedCookie);
|
||||||
|
if (config.isTrue(PluginSettings.DEV_MODE)) {
|
||||||
|
logger.info("Cookie " + removedCookie + " has expired: " + time);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
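Review bot: The two new `logger.info` calls write the full cookie value (`entry.getKey()` and `removedCookie`) to the plugin log. That key is the same string passed to `removeCookie`, so it looks like the session identifier itself, and the "will expire" line emits it for cookies that are still valid on every run of the task. Even behind `PluginSettings.DEV_MODE`, anyone who can read the log could presumably reuse a live session. Log a non-reversible reference instead, such as a short prefix of a SHA-256 digest of the key, or only the counts of tracked and removed cookies. The enclosing method begins outside the hunk.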
@ -63,7 +63,7 @@ public class LogoutResolver implements NoAuthResolver {
|
|||||||
public Response getResponse() {
|
public Response getResponse() {
|
||||||
return Response.builder()
|
return Response.builder()
|
||||||
.redirectTo("/login")
|
.redirectTo("/login")
|
||||||
.setHeader("Set-Cookie", "auth=expired; Max-Age=1; SameSite=Lax; Secure;")
|
.setHeader("Set-Cookie", "auth=expired; Max-Age=0; SameSite=Lax; Secure;")
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
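Review bot: The header in `getResponse()` has no `Path` attribute, unlike the one in RequestHandler, which sends `Path=/`. Without it the browser applies a default path derived from the request URL, so a cookie stored under `Path=/` would not be matched and would stay in the browser after logout. The path the `auth` cookie is issued with is not shown here, so confirm it, but matching RequestHandler seems intended: `.setHeader("Set-Cookie", "auth=expired; Path=/; Max-Age=0; SameSite=Lax; Secure;")`. Sharing one constant between the two classes would keep the attributes from drifting apart again.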