diff --git a/frontend/src/lib/i18n/locales/en-US.json b/frontend/src/lib/i18n/locales/en-US.json
index b2dd900..6338a88 100644
--- a/frontend/src/lib/i18n/locales/en-US.json
+++ b/frontend/src/lib/i18n/locales/en-US.json
@@ -21,7 +21,7 @@
"continueInsecureRedirectTitle": "Insecure redirect",
"continueInsecureRedirectSubtitle": "You are trying to redirect from https to http which is not secure. Are you sure you want to continue?",
"continueUntrustedRedirectTitle": "Untrusted redirect",
- "continueUntrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{rootDomain}}). Are you sure you want to continue?",
+ "continueUntrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{cookieDomain}}). Are you sure you want to continue?",
"logoutFailTitle": "Failed to log out",
"logoutFailSubtitle": "Please try again",
"logoutSuccessTitle": "Logged out",
diff --git a/frontend/src/lib/i18n/locales/en.json b/frontend/src/lib/i18n/locales/en.json
index b2dd900..6338a88 100644
--- a/frontend/src/lib/i18n/locales/en.json
+++ b/frontend/src/lib/i18n/locales/en.json
@@ -21,7 +21,7 @@
"continueInsecureRedirectTitle": "Insecure redirect",
"continueInsecureRedirectSubtitle": "You are trying to redirect from https to http which is not secure. Are you sure you want to continue?",
"continueUntrustedRedirectTitle": "Untrusted redirect",
- "continueUntrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{rootDomain}}). Are you sure you want to continue?",
+ "continueUntrustedRedirectSubtitle": "You are trying to redirect to a domain that does not match your configured domain ({{cookieDomain}}). Are you sure you want to continue?",
"logoutFailTitle": "Failed to log out",
"logoutFailSubtitle": "Please try again",
"logoutSuccessTitle": "Logged out",
diff --git a/frontend/src/pages/continue-page.tsx b/frontend/src/pages/continue-page.tsx
index 261be8b..f17bd97 100644
--- a/frontend/src/pages/continue-page.tsx
+++ b/frontend/src/pages/continue-page.tsx
@@ -14,7 +14,7 @@ import { Navigate, useLocation, useNavigate } from "react-router";
import { useEffect, useState } from "react";
export const ContinuePage = () => {
- const { rootDomain } = useAppContext();
+ const { cookieDomain } = useAppContext();
const { isLoggedIn } = useUserContext();
const { search } = useLocation();
const { t } = useTranslation();
@@ -33,8 +33,8 @@ export const ContinuePage = () => {
: null;
const isTrustedRedirectUri =
redirectUriObj !== null
- ? redirectUriObj.hostname === rootDomain ||
- redirectUriObj.hostname.endsWith(`.${rootDomain}`)
+ ? redirectUriObj.hostname === cookieDomain ||
+ redirectUriObj.hostname.endsWith(`.${cookieDomain}`)
: false;
const isAllowedRedirectProto =
redirectUriObj !== null
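Review bot: The trusted-redirect check in `isTrustedRedirectUri` uses `cookieDomain` verbatim, so an empty or oddly formatted value silently changes which hosts count as trusted. With an empty string the second arm becomes `hostname.endsWith(".")`, which any hostname written with a trailing dot satisfies. If `redirectUriObj` is a `URL` object, its hostname is lower-cased by the parser, so a configured value with uppercase letters or a leading dot would make both arms fail for legitimate hosts. Change the condition to `redirectUriObj !== null && cookieDomain !== ""` and tighten the schema field in app-context-schema.ts to `cookieDomain: z.string().min(1)`. The construction of `redirectUriObj` and the rest of `isAllowedRedirectProto` lie outside this hunk.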
@@ -105,7 +105,7 @@ export const ContinuePage = () => {
components={{
code: ,
}}
- values={{ rootDomain }}
+ values={{ cookieDomain }}
/>
diff --git a/frontend/src/schemas/app-context-schema.ts b/frontend/src/schemas/app-context-schema.ts
index 7d29c7e..8931be1 100644
--- a/frontend/src/schemas/app-context-schema.ts
+++ b/frontend/src/schemas/app-context-schema.ts
@@ -5,6 +5,7 @@ export const appContextSchema = z.object({
title: z.string(),
genericName: z.string(),
appUrl: z.string(),
+ cookieDomain: z.string(),
forgotPasswordMessage: z.string(),
oauthAutoRedirect: z.enum(["none", "github", "google", "generic"]),
backgroundImage: z.string(),
diff --git a/internal/bootstrap/app_bootstrap.go b/internal/bootstrap/app_bootstrap.go
index 211d3fe..db2e564 100644
--- a/internal/bootstrap/app_bootstrap.go
+++ b/internal/bootstrap/app_bootstrap.go
@@ -183,6 +183,7 @@ func (app *BootstrapApp) Setup() error {
Title: app.Config.Title,
GenericName: app.Config.GenericName,
AppURL: app.Config.AppURL,
+ CookieDomain: cookieDomain,
ForgotPasswordMessage: app.Config.ForgotPasswordMessage,
BackgroundImage: app.Config.BackgroundImage,
OAuthAutoRedirect: app.Config.OAuthAutoRedirect,
diff --git a/internal/controller/context_controller.go b/internal/controller/context_controller.go
index a7bc8a5..ee3eec6 100644
--- a/internal/controller/context_controller.go
+++ b/internal/controller/context_controller.go
@@ -28,6 +28,7 @@ type AppContextResponse struct {
Title string `json:"title"`
GenericName string `json:"genericName"`
AppURL string `json:"appUrl"`
+ CookieDomain string `json:"cookieDomain"`
ForgotPasswordMessage string `json:"forgotPasswordMessage"`
BackgroundImage string `json:"backgroundImage"`
OAuthAutoRedirect string `json:"oauthAutoRedirect"`
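Review bot: The new `CookieDomain` field in `AppContextResponse`, and its counterpart in `ContextControllerConfig` in the next hunk, has no comment saying it now feeds a trust decision on the client. In continue-page.tsx the value is matched against the redirect hostname both exactly and as a `.`-prefixed suffix, so its format matters. I would add a comment on the config field such as `// CookieDomain is sent to the frontend, which treats this host and its subdomains as trusted redirect targets; expected as a bare lower-case hostname with no leading dot or port.` Both struct definitions continue outside their hunks, and the code that derives the value in `Setup` is not visible here, so whether it already guarantees that format should be confirmed.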
@@ -38,6 +39,7 @@ type ContextControllerConfig struct {
Title string
GenericName string
AppURL string
+ CookieDomain string
ForgotPasswordMessage string
BackgroundImage string
OAuthAutoRedirect string
@@ -98,6 +100,7 @@ func (controller *ContextController) appContextHandler(c *gin.Context) {
Title: controller.config.Title,
GenericName: controller.config.GenericName,
AppURL: fmt.Sprintf("%s://%s", appUrl.Scheme, appUrl.Host),
+ CookieDomain: controller.config.CookieDomain,
ForgotPasswordMessage: controller.config.ForgotPasswordMessage,
BackgroundImage: controller.config.BackgroundImage,
OAuthAutoRedirect: controller.config.OAuthAutoRedirect,
diff --git a/internal/controller/context_controller_test.go b/internal/controller/context_controller_test.go
index c8371f9..44f77a1 100644
--- a/internal/controller/context_controller_test.go
+++ b/internal/controller/context_controller_test.go
@@ -16,6 +16,7 @@ var controllerCfg = controller.ContextControllerConfig{
Title: "Test App",
GenericName: "Generic",
AppURL: "http://localhost:8080",
+ CookieDomain: "localhost",
ForgotPasswordMessage: "Contact admin to reset your password.",
BackgroundImage: "/assets/bg.jpg",
OAuthAutoRedirect: "google",
@@ -61,6 +62,7 @@ func TestAppContextHandler(t *testing.T) {
Title: controllerCfg.Title,
GenericName: controllerCfg.GenericName,
AppURL: controllerCfg.AppURL,
+ CookieDomain: controllerCfg.CookieDomain,
ForgotPasswordMessage: controllerCfg.ForgotPasswordMessage,
BackgroundImage: controllerCfg.BackgroundImage,
OAuthAutoRedirect: controllerCfg.OAuthAutoRedirect,