try reading session key from post before trying cookie

author Paul Hänsch <paul@plutz.net>

Wed, 4 Nov 2020 12:06:36 +0000 (13:06 +0100)

committer Paul Hänsch <paul@plutz.net>

Wed, 4 Nov 2020 12:06:36 +0000 (13:06 +0100)
author Paul Hänsch <paul@plutz.net>
Wed, 4 Nov 2020 12:06:36 +0000 (13:06 +0100)
committer Paul Hänsch <paul@plutz.net>
Wed, 4 Nov 2020 12:06:36 +0000 (13:06 +0100)
diff --git a/session.sh b/session.sh

index ee5c4993a72df047fe0fc67b3c384f2b5733be48..ad31dfddbf6df8e77a6bfc0aef620e6bfd8e3e94 100755 (executable)
--- a/session.sh
+++ b/session.sh
@@ -57,7 +57,7 @@ update_session(){
    local session sid time sig serverkey checksig
  
    IFS=- read -r sid time sig <<-END
-       $(COOKIE session)
+       $(POST session_key || COOKIE session)
         END
    serverkey="$(server_key)"
    
@@ -78,6 +78,6 @@ update_session(){
    printf %s\\n "${sid}-${time}-${sig}"
  }
  
-SESSION_ID="$(update_session)"
-SET_COOKIE 0 session="$SESSION_ID" Path=/ SameSite=Strict HttpOnly
-SESSION_ID="${SESSION_ID%%-*}"
+SESSION_KEY="$(update_session)"
+SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
+SESSION_ID="${SESSION_KEY%%-*}"
author	Paul Hänsch <paul@plutz.net>
	Wed, 4 Nov 2020 12:06:36 +0000 (13:06 +0100)
committer	Paul Hänsch <paul@plutz.net>
	Wed, 4 Nov 2020 12:06:36 +0000 (13:06 +0100)