[Admin UI] Login not possible due to securecookie error (#7374)

* [Admin UI] Login not possible due to securecookie error * avoid 404 favicon * Update weed/admin/dash/auth_middleware.go Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * address comments * avoid variable over shadowing * log session save error --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2025-10-24 12:48:59 -07:00
parent bf58c5a688
commit 9f4075441c
3 changed files with 87 additions and 27 deletions
--- a/weed/admin/dash/auth_middleware.go
+++ b/weed/admin/dash/auth_middleware.go
@@ -5,6 +5,7 @@ import (

 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
+	"github.com/seaweedfs/seaweedfs/weed/glog"
 )

 // ShowLogin displays the login page
@@ -31,9 +32,16 @@ func (s *AdminServer) HandleLogin(username, password string) gin.HandlerFunc {

 		if loginUsername == username && loginPassword == password {
 			session := sessions.Default(c)
+			// Clear any existing invalid session data before setting new values
+			session.Clear()
 			session.Set("authenticated", true)
 			session.Set("username", loginUsername)
-			session.Save()
+			if err := session.Save(); err != nil {
+				// Log the detailed error server-side for diagnostics
+				glog.Errorf("Failed to save session for user %s: %v", loginUsername, err)
+				c.Redirect(http.StatusSeeOther, "/login?error=Unable to create session. Please try again or contact administrator.")
+				return
+			}

 			c.Redirect(http.StatusSeeOther, "/admin")
 			return
@@ -48,6 +56,8 @@ func (s *AdminServer) HandleLogin(username, password string) gin.HandlerFunc {
 func (s *AdminServer) HandleLogout(c *gin.Context) {
 	session := sessions.Default(c)
 	session.Clear()
-	session.Save()
+	if err := session.Save(); err != nil {
+		glog.Warningf("Failed to save session during logout: %v", err)
+	}
 	c.Redirect(http.StatusSeeOther, "/login")
 }
--- a/weed/admin/handlers/admin_handlers.go
+++ b/weed/admin/handlers/admin_handlers.go
@@ -48,6 +48,11 @@ func (h *AdminHandlers) SetupRoutes(r *gin.Engine, authRequired bool, username,
 	// Health check (no auth required)
 	r.GET("/health", h.HealthCheck)

+	// Favicon route (no auth required) - redirect to static version
+	r.GET("/favicon.ico", func(c *gin.Context) {
+		c.Redirect(http.StatusMovedPermanently, "/static/favicon.ico")
+	})
+
 	if authRequired {
 		// Authentication routes (no auth required)
 		r.GET("/login", h.authHandlers.ShowLogin)