cookie: enabled / disabled.
parent
9b1deb4134
commit
04d2fa8863
@ -70,7 +70,10 @@ func (api *ApiManagerCtx) Authenticate(next http.Handler) http.Handler {
|
|||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
session, err := api.sessions.Authenticate(r)
|
session, err := api.sessions.Authenticate(r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
api.sessions.CookieClearToken(w, r)
|
if api.sessions.CookieEnabled() {
|
||||||
|
api.sessions.CookieClearToken(w, r)
|
||||||
|
}
|
||||||
|
|
||||||
utils.HttpUnauthorized(w, err)
|
utils.HttpUnauthorized(w, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
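Review bot: Gating `CookieClearToken` behind `api.sessions.CookieEnabled()` in the error branch only controls whether the cookie is cleared; nothing on this page shows `api.sessions.Authenticate(r)` refusing a token that arrives in the cookie when `session.cookie.enabled` is false. If the manager still reads the cookie in that mode, a browser holding a cookie from an earlier configuration keeps authenticating with an ambient credential, and this branch no longer clears it on failure. Please confirm that the manager's `Authenticate` ignores the cookie when `CookieEnabled()` is false, and record it above the call with a comment such as `// the session manager must not accept the cookie token when cookies are disabled`. The middleware body continues outside the hunk.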
@ -15,6 +15,7 @@ type SessionLoginPayload struct {
|
|||||||
|
|
||||||
type SessionDataPayload struct {
|
type SessionDataPayload struct {
|
||||||
ID string `json:"id"`
|
ID string `json:"id"`
|
||||||
|
Token string `json:"token,omitempty"`
|
||||||
Profile types.MemberProfile `json:"profile"`
|
Profile types.MemberProfile `json:"profile"`
|
||||||
State types.SessionState `json:"state"`
|
State types.SessionState `json:"state"`
|
||||||
}
|
}
|
||||||
@ -31,13 +32,19 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
api.sessions.CookieSetToken(w, token)
|
sessionData := SessionDataPayload{
|
||||||
|
|
||||||
utils.HttpSuccess(w, SessionDataPayload{
|
|
||||||
ID: session.ID(),
|
ID: session.ID(),
|
||||||
Profile: session.Profile(),
|
Profile: session.Profile(),
|
||||||
State: session.State(),
|
State: session.State(),
|
||||||
})
|
}
|
||||||
|
|
||||||
|
if api.sessions.CookieEnabled() {
|
||||||
|
api.sessions.CookieSetToken(w, token)
|
||||||
|
} else {
|
||||||
|
sessionData.Token = token
|
||||||
|
}
|
||||||
|
|
||||||
|
utils.HttpSuccess(w, sessionData)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (api *ApiManagerCtx) Logout(w http.ResponseWriter, r *http.Request) {
|
func (api *ApiManagerCtx) Logout(w http.ResponseWriter, r *http.Request) {
|
||||||
@ -49,7 +56,9 @@ func (api *ApiManagerCtx) Logout(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
api.sessions.CookieClearToken(w, r)
|
if api.sessions.CookieEnabled() {
|
||||||
|
api.sessions.CookieClearToken(w, r)
|
||||||
|
}
|
||||||
|
|
||||||
utils.HttpSuccess(w, true)
|
utils.HttpSuccess(w, true)
|
||||||
}
|
}
|
||||||
|
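Review bot: In the Login hunk the `else` branch copies the session token into the JSON body (`sessionData.Token = token`), so with cookies disabled the credential is handed to page script and to anything that caches or logs the response. Before `utils.HttpSuccess(w, sessionData)` in that branch I would add `w.Header().Set("Cache-Control", "no-store")`; whether `utils.HttpSuccess` already sets cache headers is not visible here. The new field also deserves a comment, for example `// Token is set only when cookie authentication is disabled; the response then carries a secret.` Login and Logout both begin outside their hunks.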
@ -11,6 +11,7 @@ type Session struct {
|
|||||||
ImplicitHosting bool
|
ImplicitHosting bool
|
||||||
APIToken string
|
APIToken string
|
||||||
|
|
||||||
|
CookieEnabled bool
|
||||||
CookieName string
|
CookieName string
|
||||||
CookieExpiration time.Time
|
CookieExpiration time.Time
|
||||||
CookieSecure bool
|
CookieSecure bool
|
||||||
@ -28,6 +29,11 @@ func (Session) Init(cmd *cobra.Command) error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// cookie
|
// cookie
|
||||||
|
cmd.PersistentFlags().Bool("session.cookie.enabled", true, "whether cookies authentication should be enabled")
|
||||||
|
if err := viper.BindPFlag("session.cookie.enabled", cmd.PersistentFlags().Lookup("session.cookie.enabled")); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
cmd.PersistentFlags().String("session.cookie.name", "NEKO_SESSION", "name of the cookie that holds token")
|
cmd.PersistentFlags().String("session.cookie.name", "NEKO_SESSION", "name of the cookie that holds token")
|
||||||
if err := viper.BindPFlag("session.cookie.name", cmd.PersistentFlags().Lookup("session.cookie.name")); err != nil {
|
if err := viper.BindPFlag("session.cookie.name", cmd.PersistentFlags().Lookup("session.cookie.name")); err != nil {
|
||||||
return err
|
return err
|
||||||
@ -50,6 +56,7 @@ func (s *Session) Set() {
|
|||||||
s.ImplicitHosting = viper.GetBool("session.implicit_hosting")
|
s.ImplicitHosting = viper.GetBool("session.implicit_hosting")
|
||||||
s.APIToken = viper.GetString("session.api_token")
|
s.APIToken = viper.GetString("session.api_token")
|
||||||
|
|
||||||
|
s.CookieEnabled = viper.GetBool("session.cookie.enabled")
|
||||||
s.CookieName = viper.GetString("session.cookie.name")
|
s.CookieName = viper.GetString("session.cookie.name")
|
||||||
s.CookieExpiration = time.Now().Add(time.Duration(viper.GetInt("session.cookie.expiration")) * time.Hour)
|
s.CookieExpiration = time.Now().Add(time.Duration(viper.GetInt("session.cookie.expiration")) * time.Hour)
|
||||||
s.CookieSecure = viper.GetBool("session.cookie.secure")
|
s.CookieSecure = viper.GetBool("session.cookie.secure")
|
||||||
|
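Review bot: The help text for `session.cookie.enabled` in the Init hunk ("whether cookies authentication should be enabled") does not tell an operator what turning it off changes. Going by the Login change in this commit, disabling it returns the token in the login response body, so I would word it as `"whether the session token is delivered in a cookie; when false it is returned in the login response body"`. A matching comment on the struct field, `// CookieEnabled selects cookie delivery of the session token; false returns it in the login response.`, would keep the config and the flag in step.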
@ -300,3 +300,7 @@ func (manager *SessionManagerCtx) OnHostChanged(listener func(session types.Sess
|
|||||||
func (manager *SessionManagerCtx) ImplicitHosting() bool {
|
func (manager *SessionManagerCtx) ImplicitHosting() bool {
|
||||||
return manager.config.ImplicitHosting
|
return manager.config.ImplicitHosting
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (manager *SessionManagerCtx) CookieEnabled() bool {
|
||||||
|
return manager.config.CookieEnabled
|
||||||
|
}
|
||||||
|
@ -49,6 +49,7 @@ type SessionManager interface {
|
|||||||
OnHostChanged(listener func(session Session))
|
OnHostChanged(listener func(session Session))
|
||||||
|
|
||||||
ImplicitHosting() bool
|
ImplicitHosting() bool
|
||||||
|
CookieEnabled() bool
|
||||||
|
|
||||||
CookieSetToken(w http.ResponseWriter, token string)
|
CookieSetToken(w http.ResponseWriter, token string)
|
||||||
CookieClearToken(w http.ResponseWriter, r *http.Request)
|
CookieClearToken(w http.ResponseWriter, r *http.Request)
|
||||||
|