세션 최적화
@ -201,7 +201,7 @@ func (caller apiCaller) blockAPI(w http.ResponseWriter, r *http.Request) error {
|
||||
|
||||
bi.Accid = accid
|
||||
caller.mg.bl.add(&bi)
|
||||
mg.sessionProvider.RevokeAll(accid)
|
||||
mg.sessionProvider.Revoke(accid)
|
||||
}
|
||||
}
|
||||
} else if r.Method == "DELETE" {
|
||||
|
||||
@ -681,7 +681,7 @@ func (sh *serviceDescription) authorize_dev(w http.ResponseWriter, r *http.Reque
|
||||
Accid: authinfo.Account,
|
||||
})
|
||||
}
|
||||
sh.sessionProvider.RevokeAll(authinfo.Account)
|
||||
sh.sessionProvider.Revoke(authinfo.Account)
|
||||
}
|
||||
|
||||
return
|
||||
@ -706,7 +706,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
||||
queryvals := r.URL.Query()
|
||||
reqauthtype := queryvals.Get("type")
|
||||
uid := queryvals.Get("id")
|
||||
sk := queryvals.Get("sk")
|
||||
|
||||
checksum := r.Header.Get("AS-X-CHECKSUM")
|
||||
if len(checksum) > 0 || sh.mustUseChecksum {
|
||||
@ -714,7 +713,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
||||
cookie := r.Header.Get("Cookie")
|
||||
|
||||
h := md5.New()
|
||||
h.Write([]byte(cookie + nonce + sk))
|
||||
h.Write([]byte(cookie + nonce))
|
||||
|
||||
if checksum != hex.EncodeToString(h.Sum(nil)) {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
@ -722,26 +721,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
||||
}
|
||||
}
|
||||
|
||||
if len(sk) > 0 {
|
||||
success, err := sh.sessionProvider.Touch(sk)
|
||||
if err != nil {
|
||||
logger.Error("authorize failed. sessionProvider.Touch err:", err)
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
// !success일 때 빈 body를 보내면 클라이언트는 로그아웃 된다.
|
||||
if success {
|
||||
json.NewEncoder(w).Encode(map[string]any{
|
||||
"sk": sk,
|
||||
"expirein": sh.sessionTTL.Seconds(),
|
||||
})
|
||||
} else {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
var email string
|
||||
if !*noauth && (*authtype == "on" || *authtype == "both") {
|
||||
if len(reqauthtype) > 0 {
|
||||
@ -833,7 +812,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
||||
alias = email
|
||||
}
|
||||
|
||||
sk, err = sh.sessionProvider.New(&session.Authorization{
|
||||
sk, err := sh.sessionProvider.New(&session.Authorization{
|
||||
Account: accid,
|
||||
Platform: reqauthtype,
|
||||
Uid: uid,
|
||||
|
||||
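Review bot: In the authorize hunk at -714/+713 the checksum is now computed with `h.Write([]byte(cookie + nonce))`, so the MD5 digest no longer includes the session key and covers only the client-sent Cookie header plus `nonce`, whose origin is outside the visible lines. Unless `nonce` is a server-held secret, a client appears able to compute a matching AS-X-CHECKSUM itself, so the check would authenticate nothing; a keyed MAC (HMAC-SHA-256 over the same fields with a server-side key) would restore that, and the comparison should be constant-time, e.g. `if subtle.ConstantTimeCompare([]byte(checksum), []byte(hex.EncodeToString(h.Sum(nil)))) != 1 {`. Separately, the blockAPI and authorize_dev hunks appear to replace `RevokeAll(...)` with `Revoke(...)`; Revoke's implementation is not shown, so please confirm it still invalidates every live session of a blocked account and say so in a comment at both call sites. The enclosing functions start and end outside these hunks.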