From 2b0a7e378eddac3cd447e6e8ae0ba3559ebb050c Mon Sep 17 00:00:00 2001
From: ed <s@ocv.me>
Date: Fri, 25 Jun 2021 20:39:55 +0200
Subject: [PATCH] persist url-password as cookie

---
 copyparty/httpcli.py | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py
index 8866f817..5726fba8 100644
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -181,6 +181,9 @@ class HttpCli(object):
         self.rvol, self.wvol, self.avol = [[], [], []]
         self.asrv.vfs.user_tree(self.uname, self.rvol, self.wvol, self.avol)
 
+        if pwd and "pw" in self.ouparam and pwd != cookies.get("cppwd"):
+            self.out_headers["Set-Cookie"] = self.get_pwd_cookie(pwd)[0]
+
         ua = self.headers.get("user-agent", "")
         self.is_rclone = ua.startswith("rclone/")
         if self.is_rclone:
@@ -758,6 +761,12 @@ class HttpCli(object):
         pwd = self.parser.require("cppwd", 64)
         self.parser.drop()
 
+        ck, msg = self.get_pwd_cookie(pwd)
+        html = self.j2("msg", h1=msg, h2='<a href="/">ack</a>', redir="/")
+        self.reply(html.encode("utf-8"), headers={"Set-Cookie": ck})
+        return True
+
+    def get_pwd_cookie(self, pwd):
         if pwd in self.asrv.iuser:
             msg = "login ok"
             dt = datetime.utcfromtimestamp(time.time() + 60 * 60 * 24 * 365)
@@ -768,9 +777,7 @@ class HttpCli(object):
             exp = "Fri, 15 Aug 1997 01:00:00 GMT"
 
         ck = "cppwd={}; Path=/; Expires={}; SameSite=Lax".format(pwd, exp)
-        html = self.j2("msg", h1=msg, h2='<a href="/">ack</a>', redir="/")
-        self.reply(html.encode("utf-8"), headers={"Set-Cookie": ck})
-        return True
+        return [ck, msg]
 
     def handle_mkdir(self):
         new_dir = self.parser.require("name", 512)