ClusterCockpit/cc-backend
1
0
Fork 0
mirror of https://github.com/ClusterCockpit/cc-backend synced 2026-03-30 20:47:31 +02:00
Code Issues Packages Releases Activity

Ease samesite cookie settings

Browse Source 
Entire-Checkpoint: 2fe286e23a4a
This commit is contained in:
Jan Eitzinger
2026-03-30 16:10:11 +02:00
parent 66707bbf15
commit 82c514b11a
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/auth/auth.go
View File

@@ -164,12 +164,17 @@ func (auth *Authentication) AuthViaSession(
return nil, errors.New("invalid session data") return nil, errors.New("invalid session data")
} }
authSourceInt, ok := session.Values["authSource"].(int)
if !ok {
authSourceInt = int(schema.AuthViaLocalPassword)
}
return &schema.User{ return &schema.User{
Username: username, Username: username,
Projects: projects, Projects: projects,
Roles: roles, Roles: roles,
AuthType: schema.AuthSession, AuthType: schema.AuthSession,
AuthSource: -1, AuthSource: schema.AuthSource(authSourceInt),
}, nil }, nil
} }
@@ -319,10 +324,11 @@ func (auth *Authentication) SaveSession(rw http.ResponseWriter, r *http.Request,
} }
session.Options.Secure = false session.Options.Secure = false
} }
session.Options.SameSite = http.SameSiteStrictMode session.Options.SameSite = http.SameSiteLaxMode
session.Values["username"] = user.Username session.Values["username"] = user.Username
session.Values["projects"] = user.Projects session.Values["projects"] = user.Projects
session.Values["roles"] = user.Roles session.Values["roles"] = user.Roles
session.Values["authSource"] = int(user.AuthSource)
if err := auth.sessionStore.Save(r, rw, session); err != nil { if err := auth.sessionStore.Save(r, rw, session); err != nil {
cclog.Warnf("session save failed: %s", err.Error()) cclog.Warnf("session save failed: %s", err.Error())
http.Error(rw, err.Error(), http.StatusInternalServerError) http.Error(rw, err.Error(), http.StatusInternalServerError)