From 96aa687feaccf2d5381318279c0ca0929f791546 Mon Sep 17 00:00:00 2001
From: xiongziliang <771730766@qq.com>
Date: Wed, 11 Sep 2019 16:37:49 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84http=E6=96=87=E4=BB=B6?=
 =?UTF-8?q?=E8=AE=BF=E9=97=AE=E9=89=B4=E6=9D=83=E9=80=BB=E8=BE=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/Http/HttpSession.cpp | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/Http/HttpSession.cpp b/src/Http/HttpSession.cpp
index 0cd0fa24..b986e7ac 100644
--- a/src/Http/HttpSession.cpp
+++ b/src/Http/HttpSession.cpp
@@ -391,9 +391,12 @@ inline void HttpSession::canAccessPath(const string &path_in,bool is_dir,const f
     auto uid = getClientUid();
     //先根据http头中的cookie字段获取cookie
     HttpServerCookie::Ptr cookie = HttpCookieManager::Instance().getCookie(kCookieName, _parser.getValues());
+    //如果不是从http头中找到的cookie,我们让http客户端设置下cookie
+    bool cookie_from_header = true;
     if(!cookie){
         //客户端请求中无cookie,再根据该用户的用户id获取cookie
         cookie = HttpCookieManager::Instance().getCookieByUid(kCookieName, uid);
+        cookie_from_header = false;
     }
 
     if(cookie){
@@ -405,13 +408,13 @@ inline void HttpSession::canAccessPath(const string &path_in,bool is_dir,const f
             //上次cookie是限定本目录
             if(accessErr.empty()){
                 //上次鉴权成功
-                callback("", nullptr);
+                callback("", cookie_from_header ? nullptr : cookie);
                 return;
             }
-            //上次鉴权失败，如果url发生变更，那么也重新鉴权
+            //上次鉴权失败，但是如果url参数发生变更，那么也重新鉴权下
             if (_parser.Params().empty() || _parser.Params() == cookie->getUid()) {
-                //url参数未变，那么判断无权限访问
-                callback(accessErr.empty() ? "无权限访问该目录" : accessErr, nullptr);
+                //url参数未变，或者本来就没有url参数，那么判断本次请求为重复请求，无访问权限
+                callback(accessErr, cookie_from_header ? nullptr : cookie);
                 return;
             }
         }