Fix issue with cookie expiration

2024-08-15 00:43:26 +00:00 · 2019-03-17 12:40:24 -05:00 · 2019-03-17 12:40:24 -05:00 · 44f4057876
commit 44f4057876
parent d85020079f
1 changed files with 12 additions and 12 deletions
--- a/src/invidious.cr
+++ b/src/invidious.cr
@ -982,12 +982,11 @@ post "/login" do |env|
        preferences = env.get("preferences").as(Preferences)
        PG_DB.exec("UPDATE users SET preferences = $1 WHERE email = $2", preferences, user.email)
-        login.cookies["PREFS"] = HTTP::Cookie.new(name: "PREFS", value: "", expires: Time.new(1990, 1, 1),
+        cookie = env.request.cookies["PREFS"]
-          secure: secure, http_only: true)
+        cookie.expires = Time.new(1990, 1, 1)
        env.response.cookies << cookie
      end
      login.cookies.add_response_headers(env.response.headers)
      env.redirect referer
    rescue ex
      error_message = translate(locale, "Login failed. This may be because two-factor authentication is not enabled on your account.")
@ -1099,8 +1098,9 @@ post "/login" do |env|
      # Since this user has already registered, we don't want to overwrite their preferences
      if env.request.cookies["PREFS"]?
-        env.response.cookies["PREFS"] = HTTP::Cookie.new(name: "PREFS", value: "", expires: Time.new(1990, 1, 1),
+        cookie = env.request.cookies["PREFS"]
-          secure: secure, http_only: true)
+        cookie.expires = Time.new(1990, 1, 1)
        env.response.cookies << cookie
      end
    elsif action == "register"
      if !config.registration_enabled
@ -1156,11 +1156,12 @@ post "/login" do |env|
      end
      if env.request.cookies["PREFS"]?
-        preferences = env.get("preferences").as(Preferences)
+        preferences = env.get("preferences").as(Preferences).to_json
        PG_DB.exec("UPDATE users SET preferences = $1 WHERE email = $2", preferences, user.email)
-        env.response.cookies["PREFS"] = HTTP::Cookie.new(name: "PREFS", value: "", expires: Time.new(1990, 1, 1),
+        cookie = env.request.cookies["PREFS"]
-          secure: secure, http_only: true)
+        cookie.expires = Time.new(1990, 1, 1)
        env.response.cookies << cookie
      end
    end
@ -1193,9 +1194,8 @@ get "/signout" do |env|
    env.request.cookies.each do |cookie|
      cookie.expires = Time.new(1990, 1, 1)
      env.response.cookies << cookie
    end
    env.request.cookies.add_response_headers(env.response.headers)
  end
  env.redirect referer
@ -1803,8 +1803,8 @@ post "/delete_account" do |env|
    env.request.cookies.each do |cookie|
      cookie.expires = Time.new(1990, 1, 1)
      env.response.cookies << cookie
    end
    env.request.cookies.add_response_headers(env.response.headers)
  end
  env.redirect referer