mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-27 08:14:02 +01:00
Merge pull request #492 from chadoe/suburlcookie
Set cookiepath to AppSubUrl
This commit is contained in:
commit
d325b23dbb
6 changed files with 16 additions and 14 deletions
|
@ -97,9 +97,10 @@ func newMacaron() *macaron.Macaron {
|
||||||
Config: *setting.SessionConfig,
|
Config: *setting.SessionConfig,
|
||||||
}))
|
}))
|
||||||
m.Use(csrf.Generate(csrf.Options{
|
m.Use(csrf.Generate(csrf.Options{
|
||||||
Secret: setting.SecretKey,
|
Secret: setting.SecretKey,
|
||||||
SetCookie: true,
|
SetCookie: true,
|
||||||
Header: "X-Csrf-Token",
|
Header: "X-Csrf-Token",
|
||||||
|
CookiePath: setting.AppSubUrl,
|
||||||
}))
|
}))
|
||||||
m.Use(toolbox.Toolboxer(m, toolbox.Options{
|
m.Use(toolbox.Toolboxer(m, toolbox.Options{
|
||||||
HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{
|
HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{
|
||||||
|
|
|
@ -48,7 +48,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
|
||||||
if strings.HasSuffix(ctx.Req.RequestURI, "watch") {
|
if strings.HasSuffix(ctx.Req.RequestURI, "watch") {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
ctx.SetCookie("redirect_to", "/"+url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI))
|
ctx.SetCookie("redirect_to", "/"+url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
|
||||||
ctx.Redirect(setting.AppSubUrl + "/user/login")
|
ctx.Redirect(setting.AppSubUrl + "/user/login")
|
||||||
return
|
return
|
||||||
} else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
|
} else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
|
||||||
|
|
|
@ -298,7 +298,7 @@ func RequireTrueOwner() macaron.Handler {
|
||||||
return func(ctx *Context) {
|
return func(ctx *Context) {
|
||||||
if !ctx.Repo.IsTrueOwner && !ctx.Repo.IsAdmin {
|
if !ctx.Repo.IsTrueOwner && !ctx.Repo.IsAdmin {
|
||||||
if !ctx.IsSigned {
|
if !ctx.IsSigned {
|
||||||
ctx.SetCookie("redirect_to", "/"+url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI))
|
ctx.SetCookie("redirect_to", "/"+url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
|
||||||
ctx.Redirect(setting.AppSubUrl + "/user/login")
|
ctx.Redirect(setting.AppSubUrl + "/user/login")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -380,6 +380,7 @@ func newSessionService() {
|
||||||
SessionConfig = new(session.Config)
|
SessionConfig = new(session.Config)
|
||||||
SessionConfig.ProviderConfig = strings.Trim(Cfg.MustValue("session", "PROVIDER_CONFIG"), "\" ")
|
SessionConfig.ProviderConfig = strings.Trim(Cfg.MustValue("session", "PROVIDER_CONFIG"), "\" ")
|
||||||
SessionConfig.CookieName = Cfg.MustValue("session", "COOKIE_NAME", "i_like_gogits")
|
SessionConfig.CookieName = Cfg.MustValue("session", "COOKIE_NAME", "i_like_gogits")
|
||||||
|
SessionConfig.CookiePath = AppSubUrl
|
||||||
SessionConfig.Secure = Cfg.MustBool("session", "COOKIE_SECURE")
|
SessionConfig.Secure = Cfg.MustBool("session", "COOKIE_SECURE")
|
||||||
SessionConfig.EnableSetCookie = Cfg.MustBool("session", "ENABLE_SET_COOKIE", true)
|
SessionConfig.EnableSetCookie = Cfg.MustBool("session", "ENABLE_SET_COOKIE", true)
|
||||||
SessionConfig.Gclifetime = Cfg.MustInt64("session", "GC_INTERVAL_TIME", 86400)
|
SessionConfig.Gclifetime = Cfg.MustInt64("session", "GC_INTERVAL_TIME", 86400)
|
||||||
|
|
|
@ -54,7 +54,7 @@ func Issues(ctx *middleware.Context) {
|
||||||
isShowClosed := ctx.Query("state") == "closed"
|
isShowClosed := ctx.Query("state") == "closed"
|
||||||
|
|
||||||
if viewType != "all" && !ctx.IsSigned {
|
if viewType != "all" && !ctx.IsSigned {
|
||||||
ctx.SetCookie("redirect_to", "/"+url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI))
|
ctx.SetCookie("redirect_to", "/"+url.QueryEscape(setting.AppSubUrl+ctx.Req.RequestURI), 0, setting.AppSubUrl)
|
||||||
ctx.Redirect(setting.AppSubUrl + "/user/login")
|
ctx.Redirect(setting.AppSubUrl + "/user/login")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
@ -52,8 +52,8 @@ func SignIn(ctx *middleware.Context) {
|
||||||
defer func() {
|
defer func() {
|
||||||
if !isSucceed {
|
if !isSucceed {
|
||||||
log.Trace("auto-login cookie cleared: %s", uname)
|
log.Trace("auto-login cookie cleared: %s", uname)
|
||||||
ctx.SetCookie(setting.CookieUserName, "", -1)
|
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
|
||||||
ctx.SetCookie(setting.CookieRememberName, "", -1)
|
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}()
|
}()
|
||||||
|
@ -77,7 +77,7 @@ func SignIn(ctx *middleware.Context) {
|
||||||
ctx.Session.Set("uid", u.Id)
|
ctx.Session.Set("uid", u.Id)
|
||||||
ctx.Session.Set("uname", u.Name)
|
ctx.Session.Set("uname", u.Name)
|
||||||
if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
|
if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
|
||||||
ctx.SetCookie("redirect_to", "", -1)
|
ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)
|
||||||
ctx.Redirect(redirectTo)
|
ctx.Redirect(redirectTo)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -113,9 +113,9 @@ func SignInPost(ctx *middleware.Context, form auth.SignInForm) {
|
||||||
|
|
||||||
if form.Remember {
|
if form.Remember {
|
||||||
days := 86400 * setting.LogInRememberDays
|
days := 86400 * setting.LogInRememberDays
|
||||||
ctx.SetCookie(setting.CookieUserName, u.Name, days)
|
ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl)
|
||||||
ctx.SetSuperSecureCookie(base.EncodeMd5(u.Rands+u.Passwd),
|
ctx.SetSuperSecureCookie(base.EncodeMd5(u.Rands+u.Passwd),
|
||||||
setting.CookieRememberName, u.Name, days)
|
setting.CookieRememberName, u.Name, days, setting.AppSubUrl)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Bind with social account.
|
// Bind with social account.
|
||||||
|
@ -135,7 +135,7 @@ func SignInPost(ctx *middleware.Context, form auth.SignInForm) {
|
||||||
ctx.Session.Set("uid", u.Id)
|
ctx.Session.Set("uid", u.Id)
|
||||||
ctx.Session.Set("uname", u.Name)
|
ctx.Session.Set("uname", u.Name)
|
||||||
if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
|
if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
|
||||||
ctx.SetCookie("redirect_to", "", -1)
|
ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)
|
||||||
ctx.Redirect(redirectTo)
|
ctx.Redirect(redirectTo)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -149,8 +149,8 @@ func SignOut(ctx *middleware.Context) {
|
||||||
ctx.Session.Delete("socialId")
|
ctx.Session.Delete("socialId")
|
||||||
ctx.Session.Delete("socialName")
|
ctx.Session.Delete("socialName")
|
||||||
ctx.Session.Delete("socialEmail")
|
ctx.Session.Delete("socialEmail")
|
||||||
ctx.SetCookie(setting.CookieUserName, "", -1)
|
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
|
||||||
ctx.SetCookie(setting.CookieRememberName, "", -1)
|
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
|
||||||
ctx.Redirect(setting.AppSubUrl + "/")
|
ctx.Redirect(setting.AppSubUrl + "/")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue