From aaf46df039e5107ca20f1234ff7b5a4a22ea0414 Mon Sep 17 00:00:00 2001
From: NewbieOrange
Date: Wed, 28 Jul 2021 22:43:52 +0800
Subject: [PATCH] Always assign token if user does not have a valid one

---
 management/auth.py   |  2 +-
 management/daemon.py | 12 +++++++++---
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/management/auth.py b/management/auth.py
index 30f88190..52750732 100644
--- a/management/auth.py
+++ b/management/auth.py
@@ -143,7 +143,7 @@ class KeyAuthService:
 
 	def validate_user_token(self, email, request, env):
 		# Check whether the provided token in request cookie matches the one we stored for the user.
-		return self.check_user_token(email, request.cookies.get("token"), request, env)
+		return self.check_user_token(email, request.cookies.get("miab-cp-token"), request, env)
 
 	def create_user_key(self, email, env):
 		# Create a user API key, which is a shared secret that we can re-generate from
diff --git a/management/daemon.py b/management/daemon.py
index c8de7833..579d017d 100755
--- a/management/daemon.py
+++ b/management/daemon.py
@@ -51,7 +51,7 @@ def authorized_personnel_only(viewfunc):
 		privs = []
 
 		try:
-			email, privs, _ = auth_service.authenticate(request, env)
+			email, privs, token = auth_service.authenticate(request, env)
 		except ValueError as e:
 			# Write a line in the log recording the failed login
 			log_failed_login(request)
@@ -67,7 +67,13 @@ def authorized_personnel_only(viewfunc):
 		request.user_privs = privs
 
 		# Call view func.
-		return viewfunc(*args, **kwargs)
+		resp = viewfunc(*args, **kwargs)
+
+		# Set authentication token for admin munin routes.
+		if token:
+			resp.set_cookie("miab-cp-token", value=token, secure=True, httponly=True, samesite='Lax')
+
+		return resp
 
 		if not error:
 			error = "You are not an administrator."
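Review bot: `token` is bound only when `auth_service.authenticate` returns normally; on the `ValueError` path it stays unassigned, unlike `privs = []` just above, which is initialized precisely so later code can read it after a failed login. The code that reads `token` (the second daemon.py hunk) appears to sit inside a branch whose condition is outside this hunk, so the failure path probably never reaches it today, but the asymmetry is fragile and will trip static checkers on a possibly-unbound local; add `token = None` next to `privs = []`. The decorator's inner function starts and ends outside this hunk.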
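Review bot: `resp.set_cookie(...)` assumes the view returned a Flask `Response`, but `viewfunc(*args, **kwargs)` may return a plain string, tuple or dict that Flask only converts later, in which case the new line raises `AttributeError` on every such route. Convert first with Flask's `make_response` (import it if the file does not already), `resp = make_response(viewfunc(*args, **kwargs))`, so the cookie can be attached whatever the view returns. The comment `# Set authentication token for admin munin routes.` is copied from `/me` and no longer fits: this decorator now reissues the cookie on every authorized response rather than only when the client lacked a valid one as the commit title says, so reword it to `# Issue/refresh the session cookie on every authorized response.` and, if only cookie-less requests should receive one, guard on the incoming request cookie. The literal `"miab-cp-token"` now appears here, in the `/me` hunk and in `auth.py`; one shared constant would keep the three in step. The enclosing function starts and ends outside this hunk.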
@@ -163,7 +169,7 @@ def me():
 	resp = json_response(resp)
 	# Set authentication token for admin munin routes.
 	if "admin" in privs and token:
-		resp.set_cookie("token", value=token, secure=True, httponly=True, samesite='Lax')
+		resp.set_cookie("miab-cp-token", value=token, secure=True, httponly=True, samesite='Lax')
 
 	# Return.
 	return resp