move cookies to session + config.

2024-07-24 14:40:50 +12:00 · 2021-03-17 14:09:10 +01:00
parent d06a5a2ac7
commit 4abe0a5dba
4 changed files with 66 additions and 34 deletions
--- a/internal/api/session.go
+++ b/internal/api/session.go
@ -2,17 +2,12 @@ package api

 import (
 	"net/http"
-	"os"
-	"time"

 	"demodesk/neko/internal/http/auth"
 	"demodesk/neko/internal/types"
 	"demodesk/neko/internal/utils"
 )

-var CookieExpirationDate = time.Now().Add(365 * 24 * time.Hour)
-var UnsecureCookies = os.Getenv("DISABLE_SECURE_COOKIES") == "true"
-
 type SessionLoginPayload struct {
 	Username string `json:"username"`
 	Password string `json:"password"`
@ -36,19 +31,7 @@ func (api *ApiManagerCtx) Login(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	sameSite := http.SameSiteNoneMode
-	if UnsecureCookies {
-		sameSite = http.SameSiteDefaultMode
-	}
-
-	http.SetCookie(w, &http.Cookie{
-		Name:     "NEKO_SESSION",
-		Value:    token,
-		Expires:  CookieExpirationDate,
-		Secure:   !UnsecureCookies,
-		SameSite: sameSite,
-		HttpOnly: true,
-	})
+	api.sessions.CookieSetToken(w, token)

 	utils.HttpSuccess(w, SessionDataPayload{
 		ID:      session.ID(),
@ -66,19 +49,7 @@ func (api *ApiManagerCtx) Logout(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	sameSite := http.SameSiteNoneMode
-	if UnsecureCookies {
-		sameSite = http.SameSiteDefaultMode
-	}
-
-	http.SetCookie(w, &http.Cookie{
-		Name:     "NEKO_SESSION",
-		Value:    "",
-		Expires:  time.Unix(0, 0),
-		Secure:   !UnsecureCookies,
-		SameSite: sameSite,
-		HttpOnly: true,
-	})
+	api.sessions.CookieClearToken(w)

 	utils.HttpSuccess(w, true)
 }