61 lines
1.6 KiB
Lua
61 lines
1.6 KiB
Lua
local cjson = require "cjson"
|
|
|
|
local function add_domain(cookies, key, domain)
|
|
if type(cookies) == "string" then -- 确保 set_cookies 是一个表
|
|
cookies = { cookies }
|
|
end
|
|
|
|
local new_cookies = {} -- 查找并修改名为 'remember' 的 Cookie
|
|
for _, cookie in ipairs(cookies) do
|
|
local cookie_key, value = string.match(cookie, "^%s*(.-)%s*=%s*(.-)%s*;")
|
|
if cookie_key == key then
|
|
local new_cookie = value .. "; Domain=" .. domain .. "; Path=/; HttpOnly; SameSite=Lax"
|
|
table.insert(new_cookies, key.."=" .. new_cookie)
|
|
else
|
|
table.insert(new_cookies, cookie)
|
|
end
|
|
end
|
|
|
|
return new_cookies;
|
|
end
|
|
|
|
ngx.req.read_body()
|
|
local body = ngx.req.get_body_data()
|
|
|
|
if not body then
|
|
ngx.status = ngx.HTTP_BAD_REQUEST
|
|
ngx.say("No body found")
|
|
return
|
|
end
|
|
|
|
local ok, json_data = pcall(cjson.decode, body)
|
|
if not ok then
|
|
ngx.status = ngx.HTTP_BAD_REQUEST
|
|
ngx.say("Invalid JSON")
|
|
return
|
|
end
|
|
|
|
local user_account = json_data.account
|
|
local user_password = json_data.password
|
|
|
|
local reply = {}
|
|
|
|
local session = require "resty.session".start()
|
|
|
|
local accounts = require("lua/accounts")
|
|
local credentials = accounts.credentials()
|
|
if credentials and credentials[user_account] == user_password then
|
|
reply.status = 0
|
|
reply.message = "登录成功"
|
|
session:set("account", user_account)
|
|
session:set("authenticated", true)
|
|
session:save()
|
|
|
|
ngx.header["Set-Cookie"] = add_domain(ngx.header["Set-Cookie"], "remember", ".amass.fun");
|
|
else
|
|
reply.status = -100
|
|
reply.message = "登录失败"
|
|
end
|
|
|
|
ngx.say(cjson.encode(reply))
|