diff options
Diffstat (limited to 'libs/web')
-rw-r--r-- | libs/web/luasrc/dispatcher.lua | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/libs/web/luasrc/dispatcher.lua b/libs/web/luasrc/dispatcher.lua index 3ee42d72b..3cfa6c704 100644 --- a/libs/web/luasrc/dispatcher.lua +++ b/libs/web/luasrc/dispatcher.lua @@ -187,13 +187,15 @@ function dispatch(request) if not luci.util.contains(accs, user) then if authen then - local user = authen(luci.sys.user.checkpasswd, accs, def) + local user, sess = authen(luci.sys.user.checkpasswd, accs, def) if not user or not luci.util.contains(accs, user) then return else - local sid = luci.sys.uniqueid(16) + local sid = sess or luci.sys.uniqueid(16) luci.http.header("Set-Cookie", "sysauth=" .. sid.."; path=/") - luci.sauth.write(sid, user) + if not sess then + luci.sauth.write(sid, user) + end end else luci.http.status(403, "Forbidden") |