meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Use session CreatedAt for cookie timings

Browse Source
This commit is contained in:
Joel Speed 2019-05-15 17:08:15 +01:00
parent 8e7f98e461
commit febd026ffe
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/sessions/redis/redis_store.go
View File

@ -55,6 +55,10 @@ func NewRedisSessionStore(opts *options.SessionOptions, cookieOpts *options.Cook
// Save takes a sessions.SessionState and stores the information from it // Save takes a sessions.SessionState and stores the information from it
// to redies, and adds a new ticket cookie on the HTTP response writer // to redies, and adds a new ticket cookie on the HTTP response writer
func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *sessions.SessionState) error { func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *sessions.SessionState) error {
if s.CreatedAt.IsZero() {
s.CreatedAt = time.Now()
}
// Old sessions that we are refreshing would have a request cookie // Old sessions that we are refreshing would have a request cookie
// New sessions don't, so we ignore the error. storeValue will check requestCookie // New sessions don't, so we ignore the error. storeValue will check requestCookie
requestCookie, _ := req.Cookie(store.CookieOptions.CookieName) requestCookie, _ := req.Cookie(store.CookieOptions.CookieName)
@ -73,7 +77,7 @@ func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *se
ticketString, ticketString,
store.CookieOptions, store.CookieOptions,
store.CookieOptions.CookieExpire, store.CookieOptions.CookieExpire,
time.Now(), s.CreatedAt,
) )
http.SetCookie(rw, ticketCookie) http.SetCookie(rw, ticketCookie)