Added cookie settings
This commit is contained in:
parent
23a89b06de
commit
6cdf05e7f2
2
main.go
2
main.go
@ -23,6 +23,8 @@ var (
|
||||
htpasswdFile = flag.String("htpasswd-file", "", "additionally authenticate against a htpasswd file. Entries must be created with \"htpasswd -s\" for SHA encryption")
|
||||
cookieSecret = flag.String("cookie-secret", "", "the seed string for secure cookies")
|
||||
cookieDomain = flag.String("cookie-domain", "", "an optional cookie domain to force cookies to")
|
||||
cookieExpire = flag.Int("cookie-expire", 168 * 60, "expire time for cookie")
|
||||
cookieSecure = flag.Bool("cookie-secure", false, "HTTPS only cookie")
|
||||
authenticatedEmailsFile = flag.String("authenticated-emails-file", "", "authenticate against emails via file (one per line)")
|
||||
googleAppsDomains = StringArray{}
|
||||
upstreams = StringArray{}
|
||||
|
@ -184,14 +184,27 @@ func (p *OauthProxy) SetCookie(rw http.ResponseWriter, req *http.Request, val st
|
||||
if *cookieDomain != "" && strings.HasSuffix(domain, *cookieDomain) {
|
||||
domain = *cookieDomain
|
||||
}
|
||||
need_expire := true
|
||||
expire := time.Now().Add(time.Duration(*cookieExpire))
|
||||
if *cookieExpire == 0 {
|
||||
need_expire = false
|
||||
}
|
||||
http_only := true
|
||||
secure := false
|
||||
if *cookieSecure {
|
||||
http_only = false
|
||||
secure = true
|
||||
}
|
||||
cookie := &http.Cookie{
|
||||
Name: p.CookieKey,
|
||||
Value: signedCookieValue(p.CookieSeed, p.CookieKey, val),
|
||||
Path: "/",
|
||||
Domain: domain,
|
||||
Expires: time.Now().Add(time.Duration(168) * time.Hour), // 7 days
|
||||
HttpOnly: true,
|
||||
// Secure: req. ... ? set if X-Scheme: https ?
|
||||
HttpOnly: http_only,
|
||||
Secure: secure,
|
||||
}
|
||||
if need_expire {
|
||||
cookie.Expires = expire
|
||||
}
|
||||
http.SetCookie(rw, cookie)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user