Support session cookie same site option
This commit is contained in:
Ming Deng
parent
a3be4cd7c7
commit
aed0453a4a
@ -62,6 +62,7 @@ install:
|
||||
- go get github.com/gomodule/redigo/redis
|
||||
- go get github.com/beego/x2j
|
||||
- go get github.com/couchbase/go-couchbase
|
||||
- go get -u github.com/couchbase/gomemcached@master
|
||||
- go get github.com/beego/goyaml2
|
||||
- go get gopkg.in/yaml.v2
|
||||
- go get github.com/belogik/goes
|
||||
|
||||
6
go.mod
6
go.mod
@ -12,9 +12,9 @@ require (
|
||||
github.com/coreos/go-semver v0.3.0 // indirect
|
||||
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf // indirect
|
||||
github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f // indirect
|
||||
github.com/couchbase/go-couchbase v0.0.0-20200519150804-63f3cdb75e0d
|
||||
github.com/couchbase/gomemcached v0.0.0-20200526233749-ec430f949808 // indirect
|
||||
github.com/couchbase/goutils v0.0.0-20180530154633-e865a1461c8a // indirect
|
||||
github.com/couchbase/go-couchbase v0.0.0-20201216133707-c04035124b17
|
||||
github.com/couchbase/gomemcached v0.1.2-0.20201215185628-3bc3f73e68cb // indirect
|
||||
github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67 // indirect
|
||||
github.com/elastic/go-elasticsearch/v6 v6.8.5
|
||||
github.com/elazarl/go-bindata-assetfs v1.0.0
|
||||
github.com/go-kit/kit v0.9.0
|
||||
|
||||
10
go.sum
10
go.sum
@ -40,10 +40,20 @@ github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f h1:lBNOc5arjvs8E5mO2tbp
|
||||
github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
|
||||
github.com/couchbase/go-couchbase v0.0.0-20200519150804-63f3cdb75e0d h1:OMrhQqj1QCyDT2sxHCDjE+k8aMdn2ngTCGG7g4wrdLo=
|
||||
github.com/couchbase/go-couchbase v0.0.0-20200519150804-63f3cdb75e0d/go.mod h1:TWI8EKQMs5u5jLKW/tsb9VwauIrMIxQG1r5fMsswK5U=
|
||||
github.com/couchbase/go-couchbase v0.0.0-20201216133707-c04035124b17 h1:1ZELwRDUvpBpmgKSIUP6VMW1jIehzD0sCdWxRyejegw=
|
||||
github.com/couchbase/go-couchbase v0.0.0-20201216133707-c04035124b17/go.mod h1:+/bddYDxXsf9qt0xpDUtRR47A2GjaXmGGAqQ/k3GJ8A=
|
||||
github.com/couchbase/gomemcached v0.0.0-20200526233749-ec430f949808 h1:8s2l8TVUwMXl6tZMe3+hPCRJ25nQXiA3d1x622JtOqc=
|
||||
github.com/couchbase/gomemcached v0.0.0-20200526233749-ec430f949808/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c=
|
||||
github.com/couchbase/gomemcached v0.1.0 h1:whUde87n8CScx8ckMp2En5liqAlcuG3aKy/BQeBPu84=
|
||||
github.com/couchbase/gomemcached v0.1.0/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c=
|
||||
github.com/couchbase/gomemcached v0.1.1 h1:xCS8ZglJDhrlQg3jmK7Rn1V8f7bPjXABLC05CgLQauc=
|
||||
github.com/couchbase/gomemcached v0.1.1/go.mod h1:mxliKQxOv84gQ0bJWbI+w9Wxdpt9HjDvgW9MjCym5Vo=
|
||||
github.com/couchbase/gomemcached v0.1.2-0.20201215185628-3bc3f73e68cb h1:ZCFku0K/3Xvl7rXkGGM+ioT76Rxko8V9wDEWa0GFp14=
|
||||
github.com/couchbase/gomemcached v0.1.2-0.20201215185628-3bc3f73e68cb/go.mod h1:mxliKQxOv84gQ0bJWbI+w9Wxdpt9HjDvgW9MjCym5Vo=
|
||||
github.com/couchbase/goutils v0.0.0-20180530154633-e865a1461c8a h1:Y5XsLCEhtEI8qbD9RP3Qlv5FXdTDHxZM9UPUnMRgBp8=
|
||||
github.com/couchbase/goutils v0.0.0-20180530154633-e865a1461c8a/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
|
||||
github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67 h1:NCqJ6fwen6YP0WlV/IyibaT0kPt3JEI1rA62V/UPKT4=
|
||||
github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs=
|
||||
github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76 h1:Lgdd/Qp96Qj8jqLpq2cI1I1X7BJnu06efS+XkhRoLUQ=
|
||||
github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
|
||||
@ -17,6 +17,7 @@ package web
|
||||
import (
|
||||
"crypto/tls"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"reflect"
|
||||
@ -116,6 +117,7 @@ type SessionConfig struct {
|
||||
SessionEnableSidInHTTPHeader bool // enable store/get the sessionId into/from http headers
|
||||
SessionNameInHTTPHeader string
|
||||
SessionEnableSidInURLQuery bool // enable get the sessionId from Url Query params
|
||||
SessionCookieSameSite http.SameSite
|
||||
}
|
||||
|
||||
// LogConfig holds Log related config
|
||||
@ -274,6 +276,7 @@ func newBConfig() *Config {
|
||||
SessionEnableSidInHTTPHeader: false, // enable store/get the sessionId into/from http headers
|
||||
SessionNameInHTTPHeader: "Beegosessionid",
|
||||
SessionEnableSidInURLQuery: false, // enable get the sessionId from Url Query params
|
||||
SessionCookieSameSite: http.SameSiteDefaultMode,
|
||||
},
|
||||
},
|
||||
Log: LogConfig{
|
||||
|
||||
@ -61,6 +61,7 @@ func registerSession() error {
|
||||
conf.EnableSidInHTTPHeader = BConfig.WebConfig.Session.SessionEnableSidInHTTPHeader
|
||||
conf.SessionNameInHTTPHeader = BConfig.WebConfig.Session.SessionNameInHTTPHeader
|
||||
conf.EnableSidInURLQuery = BConfig.WebConfig.Session.SessionEnableSidInURLQuery
|
||||
conf.CookieSameSite = BConfig.WebConfig.Session.SessionCookieSameSite
|
||||
} else {
|
||||
if err = json.Unmarshal([]byte(sessionConfig), conf); err != nil {
|
||||
return err
|
||||
|
||||
@ -107,6 +107,7 @@ type ManagerConfig struct {
|
||||
SessionNameInHTTPHeader string `json:"SessionNameInHTTPHeader"`
|
||||
EnableSidInURLQuery bool `json:"EnableSidInURLQuery"`
|
||||
SessionIDPrefix string `json:"sessionIDPrefix"`
|
||||
CookieSameSite http.SameSite `json:"cookieSameSite"`
|
||||
}
|
||||
|
||||
// Manager contains Provider and its configuration.
|
||||
@ -239,6 +240,7 @@ func (manager *Manager) SessionStart(w http.ResponseWriter, r *http.Request) (se
|
||||
HttpOnly: !manager.config.DisableHTTPOnly,
|
||||
Secure: manager.isSecure(r),
|
||||
Domain: manager.config.Domain,
|
||||
SameSite: manager.config.CookieSameSite,
|
||||
}
|
||||
if manager.config.CookieLifeTime > 0 {
|
||||
cookie.MaxAge = manager.config.CookieLifeTime
|
||||
@ -278,7 +280,9 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) {
|
||||
HttpOnly: !manager.config.DisableHTTPOnly,
|
||||
Expires: expiration,
|
||||
MaxAge: -1,
|
||||
Domain: manager.config.Domain}
|
||||
Domain: manager.config.Domain,
|
||||
SameSite: manager.config.CookieSameSite,
|
||||
}
|
||||
|
||||
http.SetCookie(w, cookie)
|
||||
}
|
||||
@ -319,6 +323,7 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
|
||||
HttpOnly: !manager.config.DisableHTTPOnly,
|
||||
Secure: manager.isSecure(r),
|
||||
Domain: manager.config.Domain,
|
||||
SameSite: manager.config.CookieSameSite,
|
||||
}
|
||||
} else {
|
||||
oldsid, err := url.QueryUnescape(cookie.Value)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user