Fix: cookie timeout
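--- a/cmds/genToken.go
+++ b/cmds/genToken.go
@@ -0,0 +1,37 @@
+package cmds
+
+import (
+"fmt"
+"net/http"
+
+"github.com/go-resty/resty/v2"
+"github.com/spf13/cobra"
+)
+
+type genLoginUrlPayload struct {
+LoginUrl string `json:"loginUrl"`
+}
+
+type loginPayload struct {
+Token string `json:"token"`
+}
+
+var genTokenCmd = &cobra.Command{
+Use: "gen-token",
+Run: func(cmd *cobra.Command, args []string) {
+client := resty.New()
+
+var payload genLoginUrlPayload
+resp, err := client.R().
+SetBody(`{"userId": "testuser1"}`).
+SetAuthToken("poop").
+SetResult(&payload).
+Post("http://localhost:8080/auth/gen-login-url")
+
+if err != nil || resp.StatusCode() != http.StatusOK {
+panic(err)
+}
+
+fmt.Printf("url: %s\n", payload.LoginUrl)
+},
+}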
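Review bot: `SetAuthToken("poop")` and the `{"userId": "testuser1"}` body commit a bearer token and a user id as literals in genTokenCmd's Run function, next to a fixed `http://localhost:8080` target. The server side of `/auth/gen-login-url` is not visible here, but if it accepts that fixed token, anyone who can read the repository can request login URLs. Read the token, user id and base URL from flags or the environment instead, e.g. `SetAuthToken(os.Getenv("GEN_TOKEN_AUTH"))` (the variable name is a placeholder), and fail when it is empty. Separately, the error branch calls `panic(err)` even when `err` is nil and only the status is not 200, which hides the status code; include `resp.StatusCode()` in the message.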
@@ -21,4 +21,5 @@ func init() {
|
||||
cobra.EnableTraverseRunHooks = true
|
||||
|
||||
RootCmd.AddCommand(serveCmd)
|
||||
RootCmd.AddCommand(genTokenCmd)
|
||||
}
|
||||
|
||||
@@ -101,6 +101,7 @@ var serveCmd = &cobra.Command{
|
||||
Use(middlewares.AccessLog).
|
||||
Use(middlewares.CORSHandler)
|
||||
|
||||
backend.OPTIONS("/*any", utils.GetHealthz)
|
||||
backend.GET("/healthz", utils.GetHealthz)
|
||||
|
||||
apiGroup := backend.NewGroup("/api").
|
||||
@@ -136,6 +137,8 @@ var serveCmd = &cobra.Command{
|
||||
func init() {
|
||||
serveCmd.Flags().
|
||||
String("port", "8080", "Port to listen on")
|
||||
serveCmd.Flags().
|
||||
Bool("https", false, "Enable https mode")
|
||||
serveCmd.Flags().
|
||||
String("external-url", "http://localhost:8080", "External url for login")
|
||||
serveCmd.Flags().
|
||||
|
||||
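Review bot: `Bool("https", false, "Enable https mode")` defaults to false, and the PostLogin, refreshAccessToken and CheckRefreshToken hunks use `viper.GetBool("https")` as the `Secure` attribute of the `refresh_token` and `access_token` cookies. A deployment that terminates TLS at a reverse proxy and does not pass `--https` will therefore issue both cookies without `Secure`, so a browser may send them over plain HTTP. Consider deriving the default from the scheme of `external-url`, or at least make the help text say so: `"Enable https mode (sets Secure on auth cookies; required behind a TLS proxy)"`. The init body continues past the end of the hunk, so how this flag is bound to viper is not visible here.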
@@ -63,10 +63,14 @@ func (self *Handlers) PostLogin(
|
||||
}
|
||||
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "refresh_token",
|
||||
Value: session.RefreshToken,
|
||||
Name: "refresh_token",
|
||||
Value: session.RefreshToken,
|
||||
Path: "/",
|
||||
Secure: viper.GetBool("https"),
|
||||
HttpOnly: true,
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
Expires: time.Now().Add(time.Duration(
|
||||
viper.GetInt64("REFRESH_TOKEN_TIMEOUT")) * time.Second),
|
||||
viper.GetInt64("refresh-token-timeout")) * time.Second),
|
||||
})
|
||||
|
||||
return utils.Success(w)
|
||||
|
||||
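Review bot: `viper.GetInt64("refresh-token-timeout")` returns 0 when the key is unset or not an integer, which makes `Expires` equal to `time.Now()` so the browser discards `refresh_token` at once; the same holds for `viper.GetInt64("access-token-timeout")` in the refreshAccessToken hunk. No flag or default for either key is visible in this commit's hunks, so validate both at startup or guard at the call site, e.g. `if ttl <= 0 { ttl = defaultRefreshTTL }` (the constant name is a placeholder). The CheckRefreshToken hunk sets `Expires: claim.ExpiresAt.Time`; taking the expiry from the token in all three places would keep cookie and token lifetimes from drifting apart. PostLogin starts and ends outside the hunk.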
@@ -3,6 +3,7 @@ package middlewares
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"gitea.konchin.com/go2025/backend/interfaces"
|
||||
"gitea.konchin.com/go2025/backend/models"
|
||||
@@ -46,10 +47,12 @@ func refreshAccessToken(
|
||||
}
|
||||
|
||||
http.SetCookie(w, &http.Cookie{
|
||||
Name: "access_token",
|
||||
Value: ret,
|
||||
Path: "/",
|
||||
Secure: false,
|
||||
Name: "access_token",
|
||||
Value: ret,
|
||||
Path: "/",
|
||||
Secure: viper.GetBool("https"),
|
||||
Expires: time.Now().Add(time.Duration(
|
||||
viper.GetInt64("access-token-timeout")) * time.Second),
|
||||
HttpOnly: true,
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
})
|
||||
|
||||
@@ -62,7 +62,8 @@ func (self *Handlers) CheckRefreshToken(
|
||||
Name: "refresh_token",
|
||||
Value: session.RefreshToken,
|
||||
Path: "/",
|
||||
Secure: false,
|
||||
Secure: viper.GetBool("https"),
|
||||
Expires: claim.ExpiresAt.Time,
|
||||
HttpOnly: true,
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
})
|
||||
|
||||
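Review bot: `Expires: claim.ExpiresAt.Time` dereferences `claim.ExpiresAt` without a nil check. The type of `claim` is not visible in the hunk, but if `ExpiresAt` is a pointer (as it is in golang-jwt's `RegisteredClaims`), a correctly signed token that carries no `exp` claim would panic the handler here. Unless the parser already requires `exp`, guard before building the cookie, e.g. `if claim.ExpiresAt == nil { /* reject the token */ }`. The hunk starts inside the `http.Cookie` literal, so any earlier validation in CheckRefreshToken is outside view.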