Browse Source

Fix cookies for auth and captcha

master
Jan-Lukas Else 1 week ago
parent
commit
bb73d4831c
3 changed files with 8 additions and 4 deletions
  1. +2
    -2
      authentication.go
  2. +2
    -2
      captcha.go
  3. +4
    -0
      config.go

+ 2
- 2
authentication.go View File

@ -121,8 +121,8 @@ func createTokenCookie(username string) (*http.Cookie, error) {
Name: "token",
Value: tokenString,
Expires: expiration,
Secure: true,
Secure: httpsConfigured(),
HttpOnly: true,
SameSite: http.SameSiteStrictMode,
SameSite: http.SameSiteLaxMode,
}, nil
}

+ 2
- 2
captcha.go View File

@ -105,8 +105,8 @@ func createCaptchaCookie() (*http.Cookie, error) {
Name: "captcha",
Value: tokenString,
Expires: expiration,
Secure: true,
Secure: httpsConfigured(),
HttpOnly: true,
SameSite: http.SameSiteStrictMode,
SameSite: http.SameSiteLaxMode,
}, nil
}

+ 4
- 0
config.go View File

@ -260,3 +260,7 @@ func initConfig() error {
}
return nil
}
func httpsConfigured() bool {
return appConfig.Server.PublicHTTPS || appConfig.Server.SecurityHeaders || strings.HasPrefix(appConfig.Server.PublicAddress, "https")
}

Loading…
Cancel
Save