playground
/
gogs
mirror of https://github.com/gogits/gogs.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

setting: add login status cookie (#2885) 

Added config options EnableLoginStatusCookie and LoginStatusCookieName under section '[security]'.
pull/4301/head
Unknwon 8 years ago
parent
bc630cc52b
commit
becaec19a7
No known key found for this signature in database
GPG Key ID: 25B575AE3213B2B3
4 changed files with 25 additions and 11 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      conf/app.ini
  2. 4
      modules/bindata/bindata.go
  3. 20
      modules/setting/setting.go
  4. 9
      routers/user/auth.go

3
conf/app.ini
Unescape View File

@ -182,6 +182,9 @@ COOKIE_REMEMBER_NAME = gogs_incredible
COOKIE_SECURE = false COOKIE_SECURE = false
; Reverse proxy authentication header name of user name ; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
; Enable to set cookie to indicate user login status
ENABLE_LOGIN_STATUS_COOKIE = false
LOGIN_STATUS_COOKIE_NAME = login_status
[service] [service]
ACTIVE_CODE_LIVE_MINUTES = 180 ACTIVE_CODE_LIVE_MINUTES = 180

4
modules/bindata/bindata.go
View File

File diff suppressed because one or more lines are too long

20
modules/setting/setting.go
Unescape View File

@ -93,13 +93,15 @@ var (
} }
// Security settings // Security settings
InstallLock bool InstallLock bool
SecretKey string SecretKey string
LogInRememberDays int LoginRememberDays int
CookieUserName string CookieUserName string
CookieRememberName string CookieRememberName string
CookieSecure bool CookieSecure bool
ReverseProxyAuthUser string ReverseProxyAuthUser string
EnableLoginStatusCookie bool
LoginStatusCookieName string
// Database settings // Database settings
UseSQLite3 bool UseSQLite3 bool
@ -492,11 +494,13 @@ func NewContext() {
sec = Cfg.Section("security") sec = Cfg.Section("security")
InstallLock = sec.Key("INSTALL_LOCK").MustBool() InstallLock = sec.Key("INSTALL_LOCK").MustBool()
SecretKey = sec.Key("SECRET_KEY").String() SecretKey = sec.Key("SECRET_KEY").String()
LogInRememberDays = sec.Key("LOGIN_REMEMBER_DAYS").MustInt() LoginRememberDays = sec.Key("LOGIN_REMEMBER_DAYS").MustInt()
CookieUserName = sec.Key("COOKIE_USERNAME").String() CookieUserName = sec.Key("COOKIE_USERNAME").String()
CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").String() CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").String()
CookieSecure = sec.Key("COOKIE_SECURE").MustBool(false) CookieSecure = sec.Key("COOKIE_SECURE").MustBool(false)
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER") ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
EnableLoginStatusCookie = sec.Key("ENABLE_LOGIN_STATUS_COOKIE").MustBool(false)
LoginStatusCookieName = sec.Key("LOGIN_STATUS_COOKIE_NAME").MustString("login_status")
sec = Cfg.Section("attachment") sec = Cfg.Section("attachment")
AttachmentPath = sec.Key("PATH").MustString(path.Join(AppDataPath, "attachments")) AttachmentPath = sec.Key("PATH").MustString(path.Join(AppDataPath, "attachments"))

9
routers/user/auth.go
Unescape View File

@ -45,6 +45,7 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
log.Trace("auto-login cookie cleared: %s", uname) log.Trace("auto-login cookie cleared: %s", uname)
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl) ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl)
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl) ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl)
ctx.SetCookie(setting.LoginStatusCookieName, "", -1, setting.AppSubUrl)
} }
}() }()
@ -64,6 +65,9 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
ctx.Session.Set("uid", u.ID) ctx.Session.Set("uid", u.ID)
ctx.Session.Set("uname", u.Name) ctx.Session.Set("uname", u.Name)
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl) ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl)
if setting.EnableLoginStatusCookie {
ctx.SetCookie(setting.LoginStatusCookieName, "true", 0, setting.AppSubUrl)
}
return true, nil return true, nil
} }
@ -123,7 +127,7 @@ func SignInPost(ctx *context.Context, f form.SignIn) {
} }
if f.Remember { if f.Remember {
days := 86400 * setting.LogInRememberDays days := 86400 * setting.LoginRememberDays
ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl, "", setting.CookieSecure, true) ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl, "", setting.CookieSecure, true)
ctx.SetSuperSecureCookie(u.Rands+u.Passwd, setting.CookieRememberName, u.Name, days, setting.AppSubUrl, "", setting.CookieSecure, true) ctx.SetSuperSecureCookie(u.Rands+u.Passwd, setting.CookieRememberName, u.Name, days, setting.AppSubUrl, "", setting.CookieSecure, true)
} }
@ -133,6 +137,9 @@ func SignInPost(ctx *context.Context, f form.SignIn) {
// Clear whatever CSRF has right now, force to generate a new one // Clear whatever CSRF has right now, force to generate a new one
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl) ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl)
if setting.EnableLoginStatusCookie {
ctx.SetCookie(setting.LoginStatusCookieName, "true", 0, setting.AppSubUrl)
}
redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")) redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to"))
ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl) ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl)

Write Preview
Loading…
Cancel
Save