![]() |
|
Cookie x-auth - After user password update - Printable Version +- LogicMachine Forum (https://forum.logicmachine.net) +-- Forum: LogicMachine eco-system (https://forum.logicmachine.net/forumdisplay.php?fid=1) +--- Forum: Scripting (https://forum.logicmachine.net/forumdisplay.php?fid=8) +--- Thread: Cookie x-auth - After user password update (/showthread.php?tid=5847) |
Cookie x-auth - After user password update - Fcs - 15.01.2025 Hi all, Even if this is related to my previous post, I prefer to create a new topic to facilitate the search for the next one :-) I have a lp file so that users can change their own password this is my code : Code: if getvar("form-name") == "password" then
local login = getvar('login')
local current_logged_user = request.username
if username ~= "admin" and login ~= current_logged_user then
return nil, 'wrong_user'
end
local password = getvar('user-new-password')
local password_confirmation = getvar("user-new-password-confirmation")
local user = db:getrow('SELECT * FROM users WHERE login=?', login)
if not user then
return nil, 'user_not_found'
end
if password ~= password_confirmation then
return nil, 'match'
end
if #password < 8 or #password > 20 then
return nil, 'length'
end
local password = hashpassword(login, password)
db:update('users', { password = password }, { id = user.id })
io.readproc('/etc/init.d/nginx reload')
return true, nil, string.format("%s:%s", login, password)
endEverythin work, but after the page change, the user has to reconnect, I'd like to avoid this, I saw that an x-auth cookie was added, I tried to find the hash value, but I can't I've tried a base 64 like user:password or user:hash_password... Thanks for the help
RE: Cookie x-auth - After user password update - admin - 15.01.2025 Not possible. Redirect users to /logout after password change. RE: Cookie x-auth - After user password update - Fcs - 05.05.2025 Hi all, I can't find a way to display a link in the form : https://host/logout to build host, I tried local referer = getheader('Referer') local referer = getheader('Host') But I always get bad information except when I'm local. How can I get the current url? Thanks for the help. RE: Cookie x-auth - After user password update - admin - 05.05.2025 You don't need host for local URLs. RE: Cookie x-auth - After user password update - Fcs - 06.05.2025 (05.05.2025, 10:08)admin Wrote: You don't need host for local URLs. but I don't understand, I'm in an application in the data/fcs directory url of my app locally https://192.168.1.20/apps/data/fcs/ to logout, I need to go to : https://192.168.1.20/logout I can manage with the host, but remotely it doesn't work. RE: Cookie x-auth - After user password update - admin - 06.05.2025 Use this for logout link: Code: <a href="/logout">Logout</a>RE: Cookie x-auth - After user password update - Fcs - 06.05.2025 oups.. sorry it was so simple. |