c42837e
c42837e64b03e07062a33f5dd53a3c2dcc54ec359f24a0e
0b93498| Status | File | + | - |
|---|---|---|---|
| M |
internal/auth/session/session.go
|
7 | 6 |
internal/auth/session/session.gomodified@@ -28,12 +28,13 @@ const DefaultMaxAge = 30 * 24 * time.Hour | ||
| 28 | 28 | // Session is the data carried in a cookie. The shape is intentionally |
| 29 | 29 | // small; anything that doesn't fit a few hundred bytes belongs server-side. |
| 30 | 30 | type Session struct { |
| 31 | - UserID int64 `json:"uid,omitempty"` | |
| 32 | - CSRFToken string `json:"csrf,omitempty"` | |
| 33 | - Theme string `json:"theme,omitempty"` | |
| 34 | - Flashes []string `json:"flashes,omitempty"` | |
| 35 | - Extras map[string]string `json:"extras,omitempty"` | |
| 36 | - IssuedAt int64 `json:"iat,omitempty"` | |
| 31 | + UserID int64 `json:"uid,omitempty"` | |
| 32 | + Pre2FAUserID int64 `json:"p2,omitempty"` // set after password OK, before TOTP step | |
| 33 | + CSRFToken string `json:"csrf,omitempty"` | |
| 34 | + Theme string `json:"theme,omitempty"` | |
| 35 | + Flashes []string `json:"flashes,omitempty"` | |
| 36 | + Extras map[string]string `json:"extras,omitempty"` | |
| 37 | + IssuedAt int64 `json:"iat,omitempty"` | |
| 37 | 38 | } |
| 38 | 39 | |
| 39 | 40 | // IsAnonymous returns true when no user is bound to the session. |