From a960c71e761e6e86b7fe67fe00cf80ddc6fb90f4 Mon Sep 17 00:00:00 2001
From: ntr <ntr@smokestack.io>
Date: Tue, 30 Jul 2019 15:05:25 +1000
Subject: [PATCH 1/2] version

---
 VERSION             | 2 +-
 client/package.json | 2 +-
 ops/package.json    | 2 +-
 server/Cargo.toml   | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/VERSION b/VERSION
index 6c6aa7cb..341cf11f 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.1.0
\ No newline at end of file
+0.2.0
\ No newline at end of file
diff --git a/client/package.json b/client/package.json
index 7fcacae2..d5e82d19 100644
--- a/client/package.json
+++ b/client/package.json
@@ -1,6 +1,6 @@
 {
   "name": "mnml-client",
-  "version": "1.0.0",
+  "version": "0.2.0",
   "description": "",
   "main": "index.js",
   "scripts": {
diff --git a/ops/package.json b/ops/package.json
index 1eb603d9..c56c6e06 100755
--- a/ops/package.json
+++ b/ops/package.json
@@ -1,6 +1,6 @@
 {
   "name": "mnml-ops",
-  "version": "1.0.0",
+  "version": "0.2.0",
   "description": "",
   "main": "index.js",
   "scripts": {
diff --git a/server/Cargo.toml b/server/Cargo.toml
index 1a238de3..65fe2117 100644
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "mnml"
-version = "0.1.0"
+version = "0.2.0"
 authors = ["ntr <ntr@smokestack.io>"]
 
 [dependencies]

From 69c95c27ac068fe1cf2c69a55fb7bd4cadcc4f7f Mon Sep 17 00:00:00 2001
From: ntr <ntr@smokestack.io>
Date: Tue, 30 Jul 2019 15:43:01 +1000
Subject: [PATCH 2/2] fix cookies on ws auth

---
 server/src/net.rs | 8 ++------
 server/src/rpc.rs | 8 ++++++--
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/server/src/net.rs b/server/src/net.rs
index b67abe78..e24df0ff 100644
--- a/server/src/net.rs
+++ b/server/src/net.rs
@@ -11,14 +11,13 @@ use persistent::Read;
 use router::Router;
 use serde::{Serialize, Deserialize};
 
-// use warden::{warden};
-// use events::{pg_listen};
-// use ws::{connect};
 use account;
 use pg::PgPool;
 use payments::{stripe};
 
 pub const TOKEN_HEADER: &str = "x-auth-token";
+pub const AUTH_CLEAR: &str =
+    "x-auth-token=; HttpOnly; SameSite=Strict; Max-Age=-1;";
 
 #[derive(Clone, Copy, Fail, Debug, Serialize, Deserialize)]
 pub enum MnmlHttpError {
@@ -142,9 +141,6 @@ impl BeforeMiddleware for AuthMiddleware {
     }
 }
 
-const AUTH_CLEAR: &str =
-    "x-auth-token=; HttpOnly; SameSite=Strict; Max-Age=-1;";
-
 struct ErrorHandler;
 impl AfterMiddleware for ErrorHandler {
     fn catch(&self, _: &mut Request, mut err: IronError) -> IronResult<Response> {
diff --git a/server/src/rpc.rs b/server/src/rpc.rs
index b137ad66..36fb9ca3 100644
--- a/server/src/rpc.rs
+++ b/server/src/rpc.rs
@@ -26,7 +26,7 @@ use pg::{Db};
 use pg::{PgPool};
 use skill::{Skill, dev_resolve, Resolutions};
 use vbox::{vbox_accept, vbox_apply, vbox_discard, vbox_combine, vbox_reclaim, vbox_unequip};
-use net::TOKEN_HEADER;
+use net::{AUTH_CLEAR, TOKEN_HEADER};
 
 #[derive(Debug,Clone,Serialize,Deserialize)]
 pub enum RpcMessage {
@@ -289,7 +289,11 @@ impl Handler for Connection {
         let res = Response::from_request(req)?;
 
         if let Some(cl) = req.header("Cookie") {
-            let unauth = || Ok(Response::new(401, "Unauthorized", b"401 - Unauthorized".to_vec()));
+            let unauth = || {
+                let mut res = Response::new(401, "Unauthorized", b"401 - Unauthorized".to_vec());
+                res.headers_mut().push(("Set-Cookie".into(), AUTH_CLEAR.into()));
+                Ok(res)
+            };
             let cookie_list = match str::from_utf8(cl) {
                 Ok(cl) => cl,
                 Err(_) => return unauth(),