diff options
Diffstat (limited to 'lib/api/api.go')
-rw-r--r-- | lib/api/api.go | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/api/api.go b/lib/api/api.go index 1f2fd3a55..065b634d4 100644 --- a/lib/api/api.go +++ b/lib/api/api.go @@ -365,15 +365,15 @@ func (s *service) Serve(ctx context.Context) error { // Wrap everything in CSRF protection. The /rest prefix should be // protected, other requests will grant cookies. - var handler http.Handler = newCsrfManager(s.id.String()[:5], "/rest", guiCfg, mux, locations.Get(locations.CsrfTokens)) + var handler http.Handler = newCsrfManager(s.id.Short().String(), "/rest", guiCfg, mux, locations.Get(locations.CsrfTokens)) // Add our version and ID as a header to responses handler = withDetailsMiddleware(s.id, handler) // Wrap everything in basic auth, if user/password is set. if guiCfg.IsAuthEnabled() { - sessionCookieName := "sessionid-" + s.id.String()[:5] - handler = basicAuthAndSessionMiddleware(sessionCookieName, guiCfg, s.cfg.LDAP(), handler, s.evLogger) + sessionCookieName := "sessionid-" + s.id.Short().String() + handler = basicAuthAndSessionMiddleware(sessionCookieName, s.id.Short().String(), guiCfg, s.cfg.LDAP(), handler, s.evLogger) handlePasswordAuth := passwordAuthHandler(sessionCookieName, guiCfg, s.cfg.LDAP(), s.evLogger) restMux.Handler(http.MethodPost, "/rest/noauth/auth/password", handlePasswordAuth) @@ -719,6 +719,7 @@ func (*service) getSystemPaths(w http.ResponseWriter, _ *http.Request) { func (s *service) getJSMetadata(w http.ResponseWriter, _ *http.Request) { meta, _ := json.Marshal(map[string]interface{}{ "deviceID": s.id.String(), + "deviceIDShort": s.id.Short().String(), "authenticated": true, }) w.Header().Set("Content-Type", "application/javascript") |