luci-mod-rpc: drop "secret" value from rpc session objects
Drop the "secret" value from RPC session objects in order to make them
compatible with ordinary web sessions used by the LuCI web interface.
That secret value was never used for anything and is the only difference
compared to normal LuCI login sessions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 766643fcf1)
This commit is contained in:
Jo-Philipp Wich
parent
43959e3abd
commit
4c45a52592
1 changed files with 2 additions and 5 deletions
|
|
@ -14,7 +14,6 @@ function session_retrieve(sid, allowed_users)
|
||||||
if type(sdat) == "table" and
|
if type(sdat) == "table" and
|
||||||
type(sdat.values) == "table" and
|
type(sdat.values) == "table" and
|
||||||
type(sdat.values.token) == "string" and
|
type(sdat.values.token) == "string" and
|
||||||
type(sdat.values.secret) == "string" and
|
|
||||||
type(sdat.values.username) == "string" and
|
type(sdat.values.username) == "string" and
|
||||||
util.contains(allowed_users, sdat.values.username)
|
util.contains(allowed_users, sdat.values.username)
|
||||||
then
|
then
|
||||||
|
|
@ -78,8 +77,7 @@ function rpc_auth()
|
||||||
util.ubus("session", "set", {
|
util.ubus("session", "set", {
|
||||||
ubus_rpc_session = login.ubus_rpc_session,
|
ubus_rpc_session = login.ubus_rpc_session,
|
||||||
values = {
|
values = {
|
||||||
token = sys.uniqueid(16),
|
token = sys.uniqueid(16)
|
||||||
secret = sys.uniqueid(16)
|
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
@ -87,8 +85,7 @@ function rpc_auth()
|
||||||
if sdat then
|
if sdat then
|
||||||
return {
|
return {
|
||||||
sid = sid,
|
sid = sid,
|
||||||
token = sdat.token,
|
token = sdat.token
|
||||||
secret = sdat.secret
|
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue