barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-27 20:25:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: rename domain to root domain

Browse Source
This commit is contained in:
Stavros
2025-09-01 18:19:57 +03:00
parent c80c37ba69
commit 95f8a95fd3
6 changed files with 30 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
internal/bootstrap/app_bootstrap.go
View File

@@ -2,6 +2,7 @@ package bootstrap
import (
"fmt"
"net/url"
"strings"
"tinyauth/internal/config"
"tinyauth/internal/controller"
@@ -44,15 +45,16 @@ func (app *BootstrapApp) Setup() error {
return err
}
// Get domain
domain, err := utils.GetUpperDomain(app.Config.AppURL)
// Get root domain
rootDomain, err := utils.GetRootDomain(app.Config.AppURL)
if err != nil {
return err
}
// Cookie names
cookieId := utils.GenerateIdentifier(strings.Split(domain, ".")[0])
appUrl, _ := url.Parse(app.Config.AppURL) // Already validated
cookieId := utils.GenerateIdentifier(appUrl.Hostname())
sessionCookieName := fmt.Sprintf("%s-%s", config.SessionCookieName, cookieId)
csrfCookieName := fmt.Sprintf("%s-%s", config.CSRFCookieName, cookieId)
redirectCookieName := fmt.Sprintf("%s-%s", config.RedirectCookieName, cookieId)
@@ -63,7 +65,7 @@ func (app *BootstrapApp) Setup() error {
OauthWhitelist: app.Config.OAuthWhitelist,
SessionExpiry: app.Config.SessionExpiry,
SecureCookie: app.Config.SecureCookie,
Domain: domain,
RootDomain: rootDomain,
LoginTimeout: app.Config.LoginTimeout,
LoginMaxRetries: app.Config.LoginMaxRetries,
SessionCookieName: sessionCookieName,
@@ -153,7 +155,7 @@ func (app *BootstrapApp) Setup() error {
var middlewares []Middleware
contextMiddleware := middleware.NewContextMiddleware(middleware.ContextMiddlewareConfig{
Domain: domain,
RootDomain: rootDomain,
}, authService, oauthBrokerService)
uiMiddleware := middleware.NewUIMiddleware()
@@ -180,7 +182,7 @@ func (app *BootstrapApp) Setup() error {
Title: app.Config.Title,
GenericName: app.Config.GenericName,
AppURL: app.Config.AppURL,
RootDomain: domain,
RootDomain: rootDomain,
ForgotPasswordMessage: app.Config.ForgotPasswordMessage,
BackgroundImage: app.Config.BackgroundImage,
OAuthAutoRedirect: app.Config.OAuthAutoRedirect,
@@ -191,7 +193,7 @@ func (app *BootstrapApp) Setup() error {
SecureCookie: app.Config.SecureCookie,
CSRFCookieName: csrfCookieName,
RedirectCookieName: redirectCookieName,
Domain: domain,
RootDomain: rootDomain,
}, apiRouter, authService, oauthBrokerService)
proxyController := controller.NewProxyController(controller.ProxyControllerConfig{
@@ -199,7 +201,7 @@ func (app *BootstrapApp) Setup() error {
}, apiRouter, dockerService, authService)
userController := controller.NewUserController(controller.UserControllerConfig{
Domain: domain,
RootDomain: rootDomain,
}, apiRouter, authService)
resourcesController := controller.NewResourcesController(controller.ResourcesControllerConfig{

14
internal/controller/oauth_controller.go
View File

@@ -23,7 +23,7 @@ type OAuthControllerConfig struct {
RedirectCookieName string
SecureCookie bool
AppURL string
Domain string
RootDomain string
}
type OAuthController struct {
@@ -74,13 +74,13 @@ func (controller *OAuthController) oauthURLHandler(c *gin.Context) {
state := service.GenerateState()
authURL := service.GetAuthURL(state)
c.SetCookie(controller.Config.CSRFCookieName, state, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true)
c.SetCookie(controller.Config.CSRFCookieName, state, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
redirectURI := c.Query("redirect_uri")
if redirectURI != "" && utils.IsRedirectSafe(redirectURI, controller.Config.Domain) {
if redirectURI != "" && utils.IsRedirectSafe(redirectURI, controller.Config.RootDomain) {
log.Debug().Msg("Setting redirect URI cookie")
c.SetCookie(controller.Config.RedirectCookieName, redirectURI, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true)
c.SetCookie(controller.Config.RedirectCookieName, redirectURI, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
}
c.JSON(200, gin.H{
@@ -112,7 +112,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
return
}
c.SetCookie(controller.Config.CSRFCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true)
c.SetCookie(controller.Config.CSRFCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
code := c.Query("code")
service, exists := controller.Broker.GetService(req.Provider)
@@ -189,7 +189,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
redirectURI, err := c.Cookie(controller.Config.RedirectCookieName)
if err != nil || !utils.IsRedirectSafe(redirectURI, controller.Config.Domain) {
if err != nil || !utils.IsRedirectSafe(redirectURI, controller.Config.RootDomain) {
log.Debug().Msg("No redirect URI cookie found, redirecting to app root")
c.Redirect(http.StatusTemporaryRedirect, controller.Config.AppURL)
return
@@ -205,6 +205,6 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
return
}
c.SetCookie(controller.Config.RedirectCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true)
c.SetCookie(controller.Config.RedirectCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/continue?%s", controller.Config.AppURL, queries.Encode()))
}

8
internal/controller/user_controller.go
View File

@@ -22,7 +22,7 @@ type TotpRequest struct {
}
type UserControllerConfig struct {
Domain string
RootDomain string
}
type UserController struct {
@@ -115,7 +115,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
err := controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
Username: user.Username,
Name: utils.Capitalize(req.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.Domain),
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.RootDomain),
Provider: "username",
TotpPending: true,
})
@@ -141,7 +141,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
err = controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
Username: req.Username,
Name: utils.Capitalize(req.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.Domain),
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.RootDomain),
Provider: "username",
})
@@ -246,7 +246,7 @@ func (controller *UserController) totpHandler(c *gin.Context) {
err = controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
Username: user.Username,
Name: utils.Capitalize(user.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), controller.Config.Domain),
Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), controller.Config.RootDomain),
Provider: "username",
})

6
internal/middleware/context_middleware.go
View File

@@ -12,7 +12,7 @@ import (
)
type ContextMiddlewareConfig struct {
Domain string
RootDomain string
}
type ContextMiddleware struct {
@@ -134,7 +134,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
c.Set("context", &config.UserContext{
Username: user.Username,
Name: utils.Capitalize(user.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), m.Config.Domain),
Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), m.Config.RootDomain),
Provider: "basic",
IsLoggedIn: true,
TotpEnabled: user.TotpSecret != "",
@@ -146,7 +146,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
c.Set("context", &config.UserContext{
Username: basic.Username,
Name: utils.Capitalize(basic.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(basic.Username), m.Config.Domain),
Email: fmt.Sprintf("%s@%s", strings.ToLower(basic.Username), m.Config.RootDomain),
Provider: "basic",
IsLoggedIn: true,
})

6
internal/service/auth_service.go
View File

@@ -28,7 +28,7 @@ type AuthServiceConfig struct {
OauthWhitelist string
SessionExpiry int
SecureCookie bool
Domain string
RootDomain string
LoginTimeout int
LoginMaxRetries int
SessionCookieName string
@@ -216,7 +216,7 @@ func (auth *AuthService) CreateSessionCookie(c *gin.Context, data *config.Sessio
return err
}
c.SetCookie(auth.Config.SessionCookieName, session.UUID, expiry, "/", fmt.Sprintf(".%s", auth.Config.Domain), auth.Config.SecureCookie, true)
c.SetCookie(auth.Config.SessionCookieName, session.UUID, expiry, "/", fmt.Sprintf(".%s", auth.Config.RootDomain), auth.Config.SecureCookie, true)
return nil
}
@@ -234,7 +234,7 @@ func (auth *AuthService) DeleteSessionCookie(c *gin.Context) error {
return res.Error
}
c.SetCookie(auth.Config.SessionCookieName, "", -1, "/", fmt.Sprintf(".%s", auth.Config.Domain), auth.Config.SecureCookie, true)
c.SetCookie(auth.Config.SessionCookieName, "", -1, "/", fmt.Sprintf(".%s", auth.Config.RootDomain), auth.Config.SecureCookie, true)
return nil
}

6
internal/utils/app_utils.go
View File

@@ -12,8 +12,8 @@ import (
"github.com/rs/zerolog"
)
// Get upper domain parses a hostname and returns the upper domain (e.g. sub1.sub2.domain.com -> sub2.domain.com)
func GetUpperDomain(appUrl string) (string, error) {
// Get root domain parses a hostname and returns the upper domain (e.g. sub1.sub2.domain.com -> sub2.domain.com)
func GetRootDomain(appUrl string) (string, error) {
appUrlParsed, err := url.Parse(appUrl)
if err != nil {
return "", err
@@ -88,7 +88,7 @@ func IsRedirectSafe(redirectURL string, domain string) bool {
return false
}
upper, err := GetUpperDomain(redirectURL)
upper, err := GetRootDomain(redirectURL)
if err != nil {
return false