Merge pull request #421 from Abyss777/fix_password_cookie

Save cookie credentials in base64

1 files changed, 5 insertions, 2 deletions

diff --git a/web/app/view/LoginController.js b/web/app/view/LoginController.js
index 436a153..9e8e835 100644
--- a/web/app/view/LoginController.js
+++ b/web/app/view/LoginController.js
@@ -40,11 +40,14 @@ Ext.define('Traccar.view.LoginController', {
                 url: 'api/session',
                 params: form.getValues(),
                 callback: function (options, success, response) {
+                    var user, password;
                     Ext.get('spinner').setVisible(false);
                     if (success) {
                         if (this.lookupReference('rememberField').getValue()) {
-                            Ext.util.Cookies.set('user', this.lookupReference('userField').getValue(), Ext.Date.add(new Date(), Ext.Date.YEAR, 1));
-                            Ext.util.Cookies.set('password', this.lookupReference('passwordField').getValue(), Ext.Date.add(new Date(), Ext.Date.YEAR, 1));
+                            user = Ext.util.Base64.encode(this.lookupReference('userField').getValue());
+                            password = Ext.util.Base64.encode(this.lookupReference('passwordField').getValue());
+                            Ext.util.Cookies.set('user', user, Ext.Date.add(new Date(), Ext.Date.YEAR, 1));
+                            Ext.util.Cookies.set('password', password, Ext.Date.add(new Date(), Ext.Date.YEAR, 1));
                         }
                         Traccar.app.setUser(Ext.decode(response.responseText));
                         this.fireViewEvent('login');