make admin cookie name variable

2025-06-09 15:45:21 +02:00
parent eb45e03f16
commit b8ed48a68b
3 changed files with 8 additions and 6 deletions


@ -4,10 +4,11 @@ DATABASE_URI=mysql://website:website@localhost:3306/website
ADMIN_USER=admin ADMIN_USER=admin
ADMIN_PASSWORD=admin ADMIN_PASSWORD=admin
ADMIN_COOKIE=muelleel
TEAMSPEAK_LINK=http://example.com TEAMSPEAK_LINK=http://example.com
DISCORD_LINK=http://example.com DISCORD_LINK=http://example.com
PAYPAL_LINK=http://example.com PAYPAL_LINK=http://example.com
SERVER_IP=1.1.1.1 SERVER_IP=1.1.1.1
BASE_PATH=http://localhost:4321/varo BASE_PATH=http://localhost:4321


@ -36,6 +36,7 @@ export default defineConfig({
ADMIN_USER: envField.string({ context: 'server', access: 'secret', optional: true }), ADMIN_USER: envField.string({ context: 'server', access: 'secret', optional: true }),
ADMIN_PASSWORD: envField.string({ context: 'server', access: 'secret', optional: true }), ADMIN_PASSWORD: envField.string({ context: 'server', access: 'secret', optional: true }),
ADMIN_COOKIE: envField.string({ context: 'server', access: 'secret', default: 'muelleel' }),
START_DATE: envField.string({ context: 'server', access: 'secret', default: '1970-01-01' }), START_DATE: envField.string({ context: 'server', access: 'secret', default: '1970-01-01' }),
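Review bot: The new `ADMIN_COOKIE` field accepts any string, so an empty value or one containing characters that are not valid in a cookie name would likely only surface at runtime, when the session cookie is set or read. Constraining it in the schema catches the empty case at startup, e.g. `ADMIN_COOKIE: envField.string({ context: 'server', access: 'secret', default: 'muelleel', min: 1 }),`. The cookie name is also sent to every browser in `Set-Cookie`, so `access: 'secret'` does not keep it confidential. A short comment such as `// cookie name only, not a credential` would stop later readers from treating it as one.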


@ -2,9 +2,9 @@ import type { AstroCookies, AstroCookieSetOptions } from 'astro';
import { ActionError } from 'astro:actions'; import { ActionError } from 'astro:actions';
import crypto from 'node:crypto'; import crypto from 'node:crypto';
import { Permissions } from './permissions.ts'; import { Permissions } from './permissions.ts';
import { ADMIN_COOKIE } from 'astro:env/server';
export class Session { export class Session {
static readonly #cookieName = 'muelleel';
static readonly #cookieOptions: AstroCookieSetOptions = { static readonly #cookieOptions: AstroCookieSetOptions = {
httpOnly: true, httpOnly: true,
path: '/', path: '/',
@ -28,7 +28,7 @@ export class Session {
for (let i = 0; i < Session.#sessions.length; i++) { for (let i = 0; i < Session.#sessions.length; i++) {
if (Session.#sessions[i] == this) { if (Session.#sessions[i] == this) {
Session.#sessions = Session.#sessions.splice(i, 1); Session.#sessions = Session.#sessions.splice(i, 1);
if (cookies) cookies.delete(Session.#cookieName, Session.#cookieOptions); if (cookies) cookies.delete(ADMIN_COOKIE, Session.#cookieOptions);
break; break;
} }
} }
@ -38,13 +38,13 @@ export class Session {
const session = new Session(crypto.randomBytes(16).toString('hex'), adminId, permissions); const session = new Session(crypto.randomBytes(16).toString('hex'), adminId, permissions);
Session.#sessions.push(session); Session.#sessions.push(session);
cookies.set(Session.#cookieName, session.sessionId, Session.#cookieOptions); cookies.set(ADMIN_COOKIE, session.sessionId, Session.#cookieOptions);
return session; return session;
} }
static sessionFromCookies(cookies: AstroCookies, neededPermissions?: Permissions) { static sessionFromCookies(cookies: AstroCookies, neededPermissions?: Permissions) {
const sessionId = cookies.get(Session.#cookieName); const sessionId = cookies.get(ADMIN_COOKIE);
if (!sessionId) return null; if (!sessionId) return null;
for (const session of Session.#sessions) { for (const session of Session.#sessions) {
@ -60,7 +60,7 @@ export class Session {
} }
static actionSessionFromCookies(cookies: AstroCookies, neededPermissions?: Permissions) { static actionSessionFromCookies(cookies: AstroCookies, neededPermissions?: Permissions) {
const sessionId = cookies.get(Session.#cookieName); const sessionId = cookies.get(ADMIN_COOKIE);
if (!sessionId) throw new ActionError({ code: 'UNAUTHORIZED' }); if (!sessionId) throw new ActionError({ code: 'UNAUTHORIZED' });
for (const session of Session.#sessions) { for (const session of Session.#sessions) {
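Review bot: In the invalidation loop of the `-28,7` hunk, the unchanged line `Session.#sessions = Session.#sessions.splice(i, 1);` assigns the return value of `splice`, which is the array of removed elements. After a logout the session list therefore holds only the session that was meant to be removed, and every other admin session is dropped. The cookie is deleted in the browser, but the logged-out session id appears to remain valid on the server for `sessionFromCookies` and `actionSessionFromCookies`, so a previously captured id would still authenticate. Calling `Session.#sessions.splice(i, 1);` without the assignment removes just the matching entry. The enclosing method starts above the hunk, so the rest of its body is not visible here.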