Domain name was hardcoded, use the config file instead.
This commit is contained in:
Robin Malley 2021-04-09 19:16:36 +00:00
parent fd87cf95ee
commit 9e51de6c8e
1 changed files with 2 additions and 1 deletions

View File

@ -35,8 +35,9 @@ local function login_post(req)
local hash = sha3(todigest) local hash = sha3(todigest)
if hash == passhash then if hash == passhash then
local mysession = session.start(id) local mysession = session.start(id)
local domain_no_port = config.domain:match("(.*):.*")
http_response_header(req,"set-cookie",string.format( http_response_header(req,"set-cookie",string.format(
[[session=%s; SameSite=Lax; Path=/; Domain=test.monster; HttpOnly; Secure]],mysession [[session=%s; SameSite=Lax; Path=/; Domain=%s; HttpOnly; Secure]],mysession,domain_no_port
)) ))
local loc = string.format("https://%s.%s",name,config.domain) local loc = string.format("https://%s.%s",name,config.domain)
http_response_header(req,"Location",loc) http_response_header(req,"Location",loc)