mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2025-10-28 04:35:40 +00:00
feat: generate a unique id for the cookie names based on the domain (#161)
* feat: generate a unique id for the cookie names based on the domain * tests: fix tests
This commit is contained in:
Stavros
@@ -28,21 +28,29 @@ var apiConfig = types.APIConfig{
|
||||
// Simple handlers config for tests
|
||||
var handlersConfig = types.HandlersConfig{
|
||||
AppURL: "http://localhost:8080",
|
||||
Domain: "localhost",
|
||||
DisableContinue: false,
|
||||
CookieSecure: false,
|
||||
Title: "Tinyauth",
|
||||
GenericName: "Generic",
|
||||
ForgotPasswordMessage: "Some message",
|
||||
CsrfCookieName: "tinyauth-csrf",
|
||||
RedirectCookieName: "tinyauth-redirect",
|
||||
BackgroundImage: "https://example.com/image.png",
|
||||
OAuthAutoRedirect: "none",
|
||||
}
|
||||
|
||||
// Simple auth config for tests
|
||||
var authConfig = types.AuthConfig{
|
||||
Users: types.Users{},
|
||||
OauthWhitelist: "",
|
||||
Secret: "super-secret-api-thing-for-tests", // It is 32 chars long
|
||||
CookieSecure: false,
|
||||
SessionExpiry: 3600,
|
||||
LoginTimeout: 0,
|
||||
LoginMaxRetries: 0,
|
||||
Users: types.Users{},
|
||||
OauthWhitelist: "",
|
||||
Secret: "super-secret-api-thing-for-tests", // It is 32 chars long
|
||||
CookieSecure: false,
|
||||
SessionExpiry: 3600,
|
||||
LoginTimeout: 0,
|
||||
LoginMaxRetries: 0,
|
||||
SessionCookieName: "tinyauth-session",
|
||||
Domain: "localhost",
|
||||
}
|
||||
|
||||
// Simple hooks config for tests
|
||||
@@ -206,6 +214,9 @@ func TestAppContext(t *testing.T) {
|
||||
Title: "Tinyauth",
|
||||
GenericName: "Generic",
|
||||
ForgotPasswordMessage: "Some message",
|
||||
BackgroundImage: "https://example.com/image.png",
|
||||
OAuthAutoRedirect: "none",
|
||||
Domain: "localhost",
|
||||
}
|
||||
|
||||
// We should get the username back
|
||||
@@ -234,7 +245,7 @@ func TestUserContext(t *testing.T) {
|
||||
|
||||
// Set the cookie
|
||||
req.AddCookie(&http.Cookie{
|
||||
Name: "tinyauth",
|
||||
Name: "tinyauth-session",
|
||||
Value: cookie,
|
||||
})
|
||||
|
||||
|
||||
@@ -45,7 +45,7 @@ func (auth *Auth) GetSession(c *gin.Context) (*sessions.Session, error) {
|
||||
}
|
||||
|
||||
// Get session
|
||||
session, err := store.Get(c.Request, "tinyauth")
|
||||
session, err := store.Get(c.Request, auth.Config.SessionCookieName)
|
||||
if err != nil {
|
||||
log.Error().Err(err).Msg("Failed to get session")
|
||||
return nil, err
|
||||
|
||||
@@ -21,3 +21,8 @@ type Claims struct {
|
||||
var Version = "development"
|
||||
var CommitHash = "n/a"
|
||||
var BuildTimestamp = "n/a"
|
||||
|
||||
// Cookie names
|
||||
var SessionCookieName = "tinyauth-session"
|
||||
var CsrfCookieName = "tinyauth-csrf"
|
||||
var RedirectCookieName = "tinyauth-redirect"
|
||||
|
||||
@@ -581,7 +581,7 @@ func (h *Handlers) OauthUrlHandler(c *gin.Context) {
|
||||
log.Debug().Msg("Got auth URL")
|
||||
|
||||
// Set CSRF cookie
|
||||
c.SetCookie("tinyauth-csrf", state, int(time.Hour.Seconds()), "/", "", h.Config.CookieSecure, true)
|
||||
c.SetCookie(h.Config.CsrfCookieName, state, int(time.Hour.Seconds()), "/", "", h.Config.CookieSecure, true)
|
||||
|
||||
// Get redirect URI
|
||||
redirectURI := c.Query("redirect_uri")
|
||||
@@ -589,7 +589,7 @@ func (h *Handlers) OauthUrlHandler(c *gin.Context) {
|
||||
// Set redirect cookie if redirect URI is provided
|
||||
if redirectURI != "" {
|
||||
log.Debug().Str("redirectURI", redirectURI).Msg("Setting redirect cookie")
|
||||
c.SetCookie("tinyauth-redirect", redirectURI, int(time.Hour.Seconds()), "/", "", h.Config.CookieSecure, true)
|
||||
c.SetCookie(h.Config.RedirectCookieName, redirectURI, int(time.Hour.Seconds()), "/", "", h.Config.CookieSecure, true)
|
||||
}
|
||||
|
||||
// Return auth URL
|
||||
@@ -620,7 +620,7 @@ func (h *Handlers) OauthCallbackHandler(c *gin.Context) {
|
||||
state := c.Query("state")
|
||||
|
||||
// Get CSRF cookie
|
||||
csrfCookie, err := c.Cookie("tinyauth-csrf")
|
||||
csrfCookie, err := c.Cookie(h.Config.CsrfCookieName)
|
||||
|
||||
if err != nil {
|
||||
log.Debug().Msg("No CSRF cookie")
|
||||
@@ -638,7 +638,7 @@ func (h *Handlers) OauthCallbackHandler(c *gin.Context) {
|
||||
}
|
||||
|
||||
// Clean up CSRF cookie
|
||||
c.SetCookie("tinyauth-csrf", "", -1, "/", "", h.Config.CookieSecure, true)
|
||||
c.SetCookie(h.Config.CsrfCookieName, "", -1, "/", "", h.Config.CookieSecure, true)
|
||||
|
||||
// Get code
|
||||
code := c.Query("code")
|
||||
@@ -737,7 +737,7 @@ func (h *Handlers) OauthCallbackHandler(c *gin.Context) {
|
||||
})
|
||||
|
||||
// Check if we have a redirect URI
|
||||
redirectCookie, err := c.Cookie("tinyauth-redirect")
|
||||
redirectCookie, err := c.Cookie(h.Config.RedirectCookieName)
|
||||
|
||||
if err != nil {
|
||||
log.Debug().Msg("No redirect cookie")
|
||||
@@ -762,7 +762,7 @@ func (h *Handlers) OauthCallbackHandler(c *gin.Context) {
|
||||
}
|
||||
|
||||
// Clean up redirect cookie
|
||||
c.SetCookie("tinyauth-redirect", "", -1, "/", "", h.Config.CookieSecure, true)
|
||||
c.SetCookie(h.Config.RedirectCookieName, "", -1, "/", "", h.Config.CookieSecure, true)
|
||||
|
||||
// Redirect to continue with the redirect URI
|
||||
c.Redirect(http.StatusPermanentRedirect, fmt.Sprintf("%s/continue?%s", h.Config.AppURL, queries.Encode()))
|
||||
|
||||
@@ -48,6 +48,8 @@ type HandlersConfig struct {
|
||||
ForgotPasswordMessage string
|
||||
BackgroundImage string
|
||||
OAuthAutoRedirect string
|
||||
CsrfCookieName string
|
||||
RedirectCookieName string
|
||||
}
|
||||
|
||||
// OAuthConfig is the configuration for the providers
|
||||
@@ -73,14 +75,15 @@ type APIConfig struct {
|
||||
|
||||
// AuthConfig is the configuration for the auth service
|
||||
type AuthConfig struct {
|
||||
Users Users
|
||||
OauthWhitelist string
|
||||
SessionExpiry int
|
||||
Secret string
|
||||
CookieSecure bool
|
||||
Domain string
|
||||
LoginTimeout int
|
||||
LoginMaxRetries int
|
||||
Users Users
|
||||
OauthWhitelist string
|
||||
SessionExpiry int
|
||||
Secret string
|
||||
CookieSecure bool
|
||||
Domain string
|
||||
LoginTimeout int
|
||||
LoginMaxRetries int
|
||||
SessionCookieName string
|
||||
}
|
||||
|
||||
// HooksConfig is the configuration for the hooks service
|
||||
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
"tinyauth/internal/constants"
|
||||
"tinyauth/internal/types"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/rs/zerolog/log"
|
||||
)
|
||||
|
||||
@@ -344,3 +345,18 @@ func SanitizeHeader(header string) string {
|
||||
return -1
|
||||
}, header)
|
||||
}
|
||||
|
||||
// Generate a static identifier from a string
|
||||
func GenerateIdentifier(str string) string {
|
||||
// Create a new UUID
|
||||
uuid := uuid.NewSHA1(uuid.NameSpaceURL, []byte(str))
|
||||
|
||||
// Convert the UUID to a string
|
||||
uuidString := uuid.String()
|
||||
|
||||
// Show the UUID
|
||||
log.Debug().Str("uuid", uuidString).Msg("Generated UUID")
|
||||
|
||||
// Convert the UUID to a string
|
||||
return strings.Split(uuidString, "-")[0]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user