mirror of
https://github.com/ordinary-dev/phoenix
synced 2024-09-19 19:30:28 +05:00
Add an option to control the secure
parameter for cookies
parent
3520042abe
commit
7e2559afcb
4
.env
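--- a/.env
+++ b/.env
@@ -3,3 +3,7 @@ P_DBPATH="db.sqlite3"
 P_LOGLEVEL="debug"
 P_ENABLEGINLOGGER="true"
 P_PRODUCTION="false"
+
+# Disabled for development
+# (not recommended for production environments)
+P_SECURECOOKIE="false"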
@ -15,6 +15,8 @@ type Config struct {
|
||||||
HeaderAuth bool `default:"false"`
|
HeaderAuth bool `default:"false"`
|
||||||
DefaultUsername string
|
DefaultUsername string
|
||||||
DefaultPassword string
|
DefaultPassword string
|
||||||
|
// Controls the "secure" option for a token cookie.
|
||||||
|
SecureCookie bool `default:"true"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetConfig() (*Config, error) {
|
func GetConfig() (*Config, error) {
|
||||||
|
|
|
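Review bot: The comment on `SecureCookie` names the attribute the field toggles but not what turning it off costs: with `false` the token cookie is also sent over plain HTTP, where anyone on the network path can read it. I would say so next to the field, for example `// SecureCookie sets the Secure attribute on the token cookie. Disable only for local HTTP development; with false the token is also sent over unencrypted connections.` The sample `.env` in this commit pairs `P_PRODUCTION="false"` with `P_SECURECOOKIE="false"`, so if `Config` carries a production flag (not visible in this hunk), a startup warning when production mode is combined with `SecureCookie == false` would catch a copied development setting. The struct begins above the hunk.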
@ -24,6 +24,7 @@ Service settings can be set through environment variables.
|
||||||
| P_HEADERAUTH | Enable Trusted Header Auth (SSO) | `false` |
|
| P_HEADERAUTH | Enable Trusted Header Auth (SSO) | `false` |
|
||||||
| P_DEFAULTUSERNAME | Data for the first user. | |
|
| P_DEFAULTUSERNAME | Data for the first user. | |
|
||||||
| P_DEFAULTPASSWORD | Data for the first user. | |
|
| P_DEFAULTPASSWORD | Data for the first user. | |
|
||||||
|
| P_SECURECOOKIE | Controls the "secure" option for a token cookie. | `true` |
|
||||||
|
|
||||||
## Docker-compose example
|
## Docker-compose example
|
||||||
```yml
|
```yml
|
||||||
|
|
|
@ -79,7 +79,7 @@ func AuthMiddleware(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
||||||
ShowError(c, err)
|
ShowError(c, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
SetTokenCookie(c, token)
|
SetTokenCookie(c, token, cfg)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -99,7 +99,7 @@ func AuthMiddleware(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
||||||
ShowError(c, err)
|
ShowError(c, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
SetTokenCookie(c, newToken)
|
SetTokenCookie(c, newToken, cfg)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -132,7 +132,7 @@ func CreateUser(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
||||||
ShowError(c, err)
|
ShowError(c, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
SetTokenCookie(c, token)
|
SetTokenCookie(c, token, cfg)
|
||||||
|
|
||||||
// Redirect to homepage.
|
// Redirect to homepage.
|
||||||
c.Redirect(http.StatusFound, "/")
|
c.Redirect(http.StatusFound, "/")
|
||||||
|
@ -154,13 +154,13 @@ func AuthorizeUser(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
||||||
ShowError(c, err)
|
ShowError(c, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
SetTokenCookie(c, token)
|
SetTokenCookie(c, token, cfg)
|
||||||
|
|
||||||
// Redirect to homepage.
|
// Redirect to homepage.
|
||||||
c.Redirect(http.StatusFound, "/")
|
c.Redirect(http.StatusFound, "/")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Save token for one day in cookies
|
// Save token in cookies
|
||||||
func SetTokenCookie(c *gin.Context, token string) {
|
func SetTokenCookie(c *gin.Context, token string, cfg *config.Config) {
|
||||||
c.SetCookie("phoenix-token", token, TOKEN_LIFETIME_IN_SECONDS, "/", "", false, true)
|
c.SetCookie("phoenix-token", token, TOKEN_LIFETIME_IN_SECONDS, "/", "", cfg.SecureCookie, true)
|
||||||
}
|
}
|
||||||
|
|
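Review bot: `SetTokenCookie` now takes `Secure` from config and keeps `HttpOnly`, but nothing in the visible lines sets a `SameSite` attribute, so cross-site handling of the token cookie is left to the browser default. Unless that is already done outside these hunks, calling `c.SetSameSite(http.SameSiteLaxMode)` before `c.SetCookie(...)` would make it explicit. `cfg` is dereferenced without a nil check; the four call sites shown all pass the handler's own `cfg`, so this holds only as long as no other caller passes nil. The doc comment could follow Go convention and state the contract: `// SetTokenCookie stores the token in the "phoenix-token" cookie for TOKEN_LIFETIME_IN_SECONDS; the Secure attribute follows cfg.SecureCookie.`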