mirror of
https://github.com/ordinary-dev/phoenix
synced 2024-09-19 19:30:28 +05:00
Add an option to control the secure
parameter for cookies
parent
3520042abe
commit
7e2559afcb
4
.env
4
.env
|
@ -3,3 +3,7 @@ P_DBPATH="db.sqlite3"
|
|||
P_LOGLEVEL="debug"
|
||||
P_ENABLEGINLOGGER="true"
|
||||
P_PRODUCTION="false"
|
||||
|
||||
# Disabled for development
|
||||
# (not recommended for production environments)
|
||||
P_SECURECOOKIE="false"
|
||||
|
|
|
@ -15,6 +15,8 @@ type Config struct {
|
|||
HeaderAuth bool `default:"false"`
|
||||
DefaultUsername string
|
||||
DefaultPassword string
|
||||
// Controls the "secure" option for a token cookie.
|
||||
SecureCookie bool `default:"true"`
|
||||
}
|
||||
|
||||
func GetConfig() (*Config, error) {
|
||||
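Review bot: The comment on `SecureCookie` does not say what turning the option off costs: with the flag false the token cookie is issued without the Secure attribute, so browsers will also send it over plain HTTP. I would spell that out on the field, e.g. `// SecureCookie sets the Secure attribute on the token cookie; disable it only when the service is reached over plain HTTP (local development).` The `.env` file also carries `P_PRODUCTION`, so `GetConfig`, whose body lies outside this hunk, looks like a reasonable place to log a warning when production mode is on and `SecureCookie` is false. Whether it already does so is not visible here.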
|
|
|
@ -24,6 +24,7 @@ Service settings can be set through environment variables.
|
|||
| P_HEADERAUTH | Enable Trusted Header Auth (SSO) | `false` |
|
||||
| P_DEFAULTUSERNAME | Data for the first user. | |
|
||||
| P_DEFAULTPASSWORD | Data for the first user. | |
|
||||
| P_SECURECOOKIE | Controls the "secure" option for a token cookie. | `true` |
|
||||
|
||||
## Docker-compose example
|
||||
```yml
|
||||
|
|
|
@ -79,7 +79,7 @@ func AuthMiddleware(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
|||
ShowError(c, err)
|
||||
return
|
||||
}
|
||||
SetTokenCookie(c, token)
|
||||
SetTokenCookie(c, token, cfg)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -99,7 +99,7 @@ func AuthMiddleware(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
|||
ShowError(c, err)
|
||||
return
|
||||
}
|
||||
SetTokenCookie(c, newToken)
|
||||
SetTokenCookie(c, newToken, cfg)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -132,7 +132,7 @@ func CreateUser(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
|||
ShowError(c, err)
|
||||
return
|
||||
}
|
||||
SetTokenCookie(c, token)
|
||||
SetTokenCookie(c, token, cfg)
|
||||
|
||||
// Redirect to homepage.
|
||||
c.Redirect(http.StatusFound, "/")
|
||||
|
@ -154,13 +154,13 @@ func AuthorizeUser(c *gin.Context, db *gorm.DB, cfg *config.Config) {
|
|||
ShowError(c, err)
|
||||
return
|
||||
}
|
||||
SetTokenCookie(c, token)
|
||||
SetTokenCookie(c, token, cfg)
|
||||
|
||||
// Redirect to homepage.
|
||||
c.Redirect(http.StatusFound, "/")
|
||||
}
|
||||
|
||||
// Save token for one day in cookies
|
||||
func SetTokenCookie(c *gin.Context, token string) {
|
||||
c.SetCookie("phoenix-token", token, TOKEN_LIFETIME_IN_SECONDS, "/", "", false, true)
|
||||
// Save token in cookies
|
||||
func SetTokenCookie(c *gin.Context, token string, cfg *config.Config) {
|
||||
c.SetCookie("phoenix-token", token, TOKEN_LIFETIME_IN_SECONDS, "/", "", cfg.SecureCookie, true)
|
||||
}
|
||||
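Review bot: `SetTokenCookie` now makes the Secure attribute configurable, but the lines shown still set no SameSite policy on `phoenix-token`, so cross-site behaviour is left to the library and browser defaults. Unless it is set elsewhere (not visible in these hunks), calling `c.SetSameSite(http.SameSiteLaxMode)` just before `c.SetCookie(...)` would pin it. The rewritten comment also dropped the lifetime and does not start with the function name; `// SetTokenCookie stores the token in the "phoenix-token" cookie for TOKEN_LIFETIME_IN_SECONDS; the Secure attribute follows cfg.SecureCookie.` would cover both. `cfg` is dereferenced without a nil check, which holds only as long as every caller passes the loaded config, as the four call sites in this section do.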
|
|