From 69cecf8022e4c26618b2364b86b147359aa50dc2 Mon Sep 17 00:00:00 2001
From: amass <amass.law1996@gmail.com>
Date: Thu, 9 Jan 2025 19:38:36 +0800
Subject: [PATCH] fix logout set domain.

---
 WebApplication/Restful.cpp | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/WebApplication/Restful.cpp b/WebApplication/Restful.cpp
index 7958c85..531ce00 100644
--- a/WebApplication/Restful.cpp
+++ b/WebApplication/Restful.cpp
@@ -16,7 +16,7 @@ DBO_INSTANTIATE_TEMPLATES(MyMessage)
 
 void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) {
     auto tag = request.urlParam("tag");
-    // LOG(info) << "path: " << request.path() << ", tag: " << tag;
+    // LOG(info) << "path: " << request.path() << ", tag: " << tag << ", server: " << request.hostName();
     response.setMimeType("application/json");
     MyMessage message;
     auto app = Amass::Singleton<WebToolkit::Server>::instance();
@@ -47,8 +47,12 @@ void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt:
         using namespace boost::beast::http;
         response.setStatus(static_cast<int>(state == Wt::Auth::AuthTokenState::Valid ? status::ok : status::unauthorized));
     } else { // logout
-        response.addHeader("Set-Cookie", std::format("{}=; path={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT",
-                                                     service.authTokenCookieName(), AuthModel::CookiePath));
+        auto domain = request.hostName();
+        if (domain.find("amass.fun") != std::string::npos) {
+            domain = AuthModel::CookieDomain;
+        }
+        response.addHeader("Set-Cookie", std::format("{}=; path={}; Domain={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT",
+                                                     service.authTokenCookieName(), AuthModel::CookiePath, domain));
     }
     Wt::Dbo::JsonSerializer writer(response.out());
     writer.serialize(message);