Ivan/commento
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ef0f45527a
commento/api/domain_update.go
Adhityaa ef0f45527a everywhere: use different session cookie names 
If the user is hosting the dashboard in the same domain as
their blog (with a nginx suburi, for example), the two session
cookies clash; logging into one service logs you out of the other.
With this patch, both have separate names.

Fixes https://gitlab.com/commento/commento-ce/issues/49
2018-06-20 08:59:55 +05:30

60 lines
1.4 KiB
Go
Raw Blame History

package main
import (
"net/http"
)
func domainUpdate(d domain) error {
statement := `
UPDATE domains
SET name=$2, state=$3, autoSpamFilter=$4, requireModeration=$5, requireIdentification=$6
WHERE domain=$1;
`
_, err := db.Exec(statement, d.Domain, d.Name, d.State, d.AutoSpamFilter, d.RequireModeration, d.RequireIdentification)
if err != nil {
logger.Errorf("cannot update non-moderators: %v", err)
return errorInternal
}
return nil
}
func domainUpdateHandler(w http.ResponseWriter, r *http.Request) {
type request struct {
OwnerToken *string `json:"ownerToken"`
D *domain `json:"domain"`
}
var x request
if err := unmarshalBody(r, &x); err != nil {
writeBody(w, response{"success": false, "message": err.Error()})
return
}
o, err := ownerGetByOwnerToken(*x.OwnerToken)
if err != nil {
writeBody(w, response{"success": false, "message": err.Error()})
return
}
domain := stripDomain((*x.D).Domain)
isOwner, err := domainOwnershipVerify(o.OwnerHex, domain)
if err != nil {
writeBody(w, response{"success": false, "message": err.Error()})
return
}
if !isOwner {
writeBody(w, response{"success": false, "message": errorNotAuthorised.Error()})
return
}
if err = domainUpdate(*x.D); err != nil {
writeBody(w, response{"success": false, "message": err.Error()})
return
}
writeBody(w, response{"success": true})
}
Reference in New Issue View Git Blame Copy Permalink