Add an option to control the secure parameter for cookies

Ivan R. 2023-11-01 21:02:08 +05:00
parent 3520042abe
commit 7e2559afcb
No known key found for this signature in database
GPG key ID: 56C7BAAE859B302C
4 changed files with 14 additions and 7 deletions

4
.env

@ -3,3 +3,7 @@ P_DBPATH="db.sqlite3"
P_LOGLEVEL="debug" P_LOGLEVEL="debug"
P_ENABLEGINLOGGER="true" P_ENABLEGINLOGGER="true"
P_PRODUCTION="false" P_PRODUCTION="false"
# Disabled for development
# (not recommended for production environments)
P_SECURECOOKIE="false"


@ -15,6 +15,8 @@ type Config struct {
HeaderAuth bool `default:"false"` HeaderAuth bool `default:"false"`
DefaultUsername string DefaultUsername string
DefaultPassword string DefaultPassword string
// Controls the "secure" option for a token cookie.
SecureCookie bool `default:"true"`
} }
func GetConfig() (*Config, error) { func GetConfig() (*Config, error) {
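Review bot: The comment on the new SecureCookie field says which option it controls but not what turning it off means for a deployment. Something like `// SecureCookie sets the Secure attribute on the token cookie; set it to false only when the service is reached over plain HTTP (e.g. local development).` would tell an operator that the safe default is `true`. The Config struct and GetConfig both continue outside this hunk.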


@ -24,6 +24,7 @@ Service settings can be set through environment variables.
| P_HEADERAUTH | Enable Trusted Header Auth (SSO) | `false` | | P_HEADERAUTH | Enable Trusted Header Auth (SSO) | `false` |
| P_DEFAULTUSERNAME | Data for the first user. | | | P_DEFAULTUSERNAME | Data for the first user. | |
| P_DEFAULTPASSWORD | Data for the first user. | | | P_DEFAULTPASSWORD | Data for the first user. | |
| P_SECURECOOKIE | Controls the "secure" option for a token cookie. | `true` |
## Docker-compose example ## Docker-compose example
```yml ```yml


@ -79,7 +79,7 @@ func AuthMiddleware(c *gin.Context, db *gorm.DB, cfg *config.Config) {
ShowError(c, err) ShowError(c, err)
return return
} }
SetTokenCookie(c, token) SetTokenCookie(c, token, cfg)
return return
} }
@ -99,7 +99,7 @@ func AuthMiddleware(c *gin.Context, db *gorm.DB, cfg *config.Config) {
ShowError(c, err) ShowError(c, err)
return return
} }
SetTokenCookie(c, newToken) SetTokenCookie(c, newToken, cfg)
} }
} }
@ -132,7 +132,7 @@ func CreateUser(c *gin.Context, db *gorm.DB, cfg *config.Config) {
ShowError(c, err) ShowError(c, err)
return return
} }
SetTokenCookie(c, token) SetTokenCookie(c, token, cfg)
// Redirect to homepage. // Redirect to homepage.
c.Redirect(http.StatusFound, "/") c.Redirect(http.StatusFound, "/")
@ -154,13 +154,13 @@ func AuthorizeUser(c *gin.Context, db *gorm.DB, cfg *config.Config) {
ShowError(c, err) ShowError(c, err)
return return
} }
SetTokenCookie(c, token) SetTokenCookie(c, token, cfg)
// Redirect to homepage. // Redirect to homepage.
c.Redirect(http.StatusFound, "/") c.Redirect(http.StatusFound, "/")
} }
// Save token for one day in cookies // Save token in cookies
func SetTokenCookie(c *gin.Context, token string) { func SetTokenCookie(c *gin.Context, token string, cfg *config.Config) {
c.SetCookie("phoenix-token", token, TOKEN_LIFETIME_IN_SECONDS, "/", "", false, true) c.SetCookie("phoenix-token", token, TOKEN_LIFETIME_IN_SECONDS, "/", "", cfg.SecureCookie, true)
} }
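Review bot: SetTokenCookie now takes the Secure flag straight from cfg.SecureCookie, and nothing in the visible lines warns when it is switched off, so a deployment that reuses the development .env would send phoenix-token over plain HTTP, where it can be read in transit. The config appears to have a production switch already (P_PRODUCTION in .env), so consider logging a warning or refusing to start when production is enabled and SecureCookie is false; that check belongs where the config is loaded, outside this section. The visible call also sets no SameSite attribute; if it is not set elsewhere, calling `c.SetSameSite(http.SameSiteLaxMode)` before `c.SetCookie(...)` would limit cross-site sending of the token. The function comment would also read better in Go doc form, e.g. `// SetTokenCookie stores the auth token in the phoenix-token cookie; the Secure flag follows cfg.SecureCookie.`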