Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

web: update permissions on cookie refresh

Browse Source
This commit is contained in:
Nicola Murino
2021-11-20 10:48:39 +01:00
parent c41319bb7a
commit fb8f013ea7
5 changed files with 68 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
httpd/server.go
View File

@@ -816,6 +816,7 @@ func (s *httpdServer) refreshClientToken(w http.ResponseWriter, r *http.Request,
return
}
tokenClaims.Permissions = user.Filters.WebClient
logger.Debug(logSender, "", "cookie refreshed for user %#v", user.Username)
tokenClaims.createAndSetCookie(w, r, s.tokenAuth, tokenAudienceWebClient) //nolint:errcheck
}
@@ -837,6 +838,7 @@ func (s *httpdServer) refreshAdminToken(w http.ResponseWriter, r *http.Request,
logger.Debug(logSender, "", "admin %#v cannot login from %v, unable to refresh cookie", admin.Username, r.RemoteAddr)
return
}
tokenClaims.Permissions = admin.Permissions
logger.Debug(logSender, "", "cookie refreshed for admin %#v", admin.Username)
tokenClaims.createAndSetCookie(w, r, s.tokenAuth, tokenAudienceWebAdmin) //nolint:errcheck
}