diff --git a/backend/login.php b/backend/login.php
index 8e7db2d..8638476 100644
--- a/backend/login.php
+++ b/backend/login.php
@@ -1,7 +1,6 @@
= htmlspecialchars($success) ?>
-
+
Log in with Jakach Auth
First user automatically becomes admin
diff --git a/docker/Dockerfile.php b/docker/Dockerfile.php
index fe1f913..fed7843 100644
--- a/docker/Dockerfile.php
+++ b/docker/Dockerfile.php
@@ -1,5 +1,10 @@
FROM php:8.2-fpm
-RUN docker-php-ext-install pdo pdo_mysql
+RUN apt-get update && apt-get install -y libcurl4-openssl-dev && \
+ docker-php-ext-install pdo pdo_mysql curl && \
+ mkdir -p /tmp/sessions && \
+ chmod 777 /tmp/sessions
+
+COPY docker/php.ini /usr/local/etc/php/conf.d/neptune.ini
WORKDIR /var/www/backend
\ No newline at end of file
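Review bot: The `chmod 777 /tmp/sessions` step leaves the session store readable and writable by every account in the container, so any process that is not the PHP worker can read session files or plant one. Assuming PHP-FPM runs under the image's default `www-data` pool user, give the directory to that user and close it to everyone else: `mkdir -p /tmp/sessions && chown www-data:www-data /tmp/sessions && chmod 700 /tmp/sessions`. The same `RUN` line also leaves the apt package lists in the layer; appending `&& rm -rf /var/lib/apt/lists/*` keeps the image smaller.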
diff --git a/docker/php.ini b/docker/php.ini
new file mode 100644
index 0000000..580d783
--- /dev/null
+++ b/docker/php.ini
@@ -0,0 +1,6 @@
+session.save_path = /tmp/sessions
+session.gc_maxlifetime = 86400
+session.cookie_lifetime = 0
+session.use_strict_mode = 1
+session.cookie_httponly = 1
+session.cookie_samesite = Lax
\ No newline at end of file
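Review bot: The new session settings harden the cookie with HttpOnly, SameSite and strict mode but leave out `session.cookie_secure`, so the session id is still sent on plain-HTTP requests to the same host. If the deployment is served over HTTPS (the diff does not show where TLS terminates), add `session.cookie_secure = 1`. A short comment above `session.gc_maxlifetime = 86400` saying that a server-side session may live for 24 hours would also help the next reader judge whether that window is intended.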
diff --git a/frontend/assets/js/app.js b/frontend/assets/js/app.js
index 509d3a4..b9b32e7 100644
--- a/frontend/assets/js/app.js
+++ b/frontend/assets/js/app.js
@@ -892,6 +892,10 @@ let currentRole = null;
async function checkSession() {
try {
const res = await fetch('/api/session');
+ if (res.redirected || !res.ok) {
+ window.location.replace('/login.php');
+ return;
+ }
const data = await res.json();
if (data.loggedin) {
currentUser = data.username;
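Review bot: The added guard treats every non-2xx answer as "logged out", so a transient 502 or 503 from the backend redirects to `/login.php` immediately, while a network failure gets one retry in the `catch` further down. Consider redirecting at once only on an explicit auth failure, for example `if (res.redirected || res.status === 401 || res.status === 403)`, and letting other error statuses `throw` into the retry path. This assumes `/api/session` answers 401/403 or a redirect for an unauthenticated caller, which the diff does not show. checkSession's body continues outside this hunk.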
@@ -901,10 +905,27 @@ async function checkSession() {
document.getElementById('settingsBtn').classList.remove('d-none');
}
} else {
- window.location.href = '/login.php';
+ window.location.replace('/login.php');
}
} catch (e) {
- window.location.href = '/login.php';
+ // Retry once after a brief delay in case of transient network issue
+ setTimeout(async () => {
+ try {
+ const res = await fetch('/api/session');
+ if (!res.ok || res.redirected) throw new Error();
+ const data = await res.json();
+ if (data.loggedin) {
+ currentUser = data.username;
+ currentRole = data.role;
+ document.getElementById('userDisplay').textContent = data.username;
+ if (data.role === 'admin' || data.admin_count === 0) {
+ document.getElementById('settingsBtn').classList.remove('d-none');
+ }
+ return;
+ }
+ } catch (_) {}
+ window.location.replace('/login.php');
+ }, 500);
}
}
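Review bot: The retry inside `setTimeout` repeats the whole "apply session to the page" sequence from the first attempt, and its `catch (_) {}` discards the error, so the two copies can drift apart and a failing retry leaves no trace. Moving the shared steps into one helper and logging the swallowed error keeps both paths identical. The `data.admin_count === 0` condition reveals the settings button to any logged-in user while no admin exists; that is presentation only, so the settings endpoints need their own server-side role check (not visible in this diff). checkSession starts in the previous hunk, and lines between the two hunks are not shown.

```javascript
// Shared by the first attempt and the retry; returns true when a session was applied.
function applySession(data) {
    if (!data.loggedin) return false;
    currentUser = data.username;
    currentRole = data.role;
    document.getElementById('userDisplay').textContent = data.username;
    if (data.role === 'admin' || data.admin_count === 0) {
        document.getElementById('settingsBtn').classList.remove('d-none');
    }
    return true;
}

// … unchanged: first attempt in checkSession() …
    } catch (e) {
        // Retry once after a brief delay in case of transient network issue
        setTimeout(async () => {
            try {
                const res = await fetch('/api/session');
                if (res.ok && !res.redirected && applySession(await res.json())) return;
            } catch (retryErr) {
                console.warn('session check retry failed', retryErr);
            }
            window.location.replace('/login.php');
        }, 500);
    }
```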