barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-27 20:25:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: rename domain to root domain

Browse Source
This commit is contained in:
Stavros
2025-09-01 18:19:57 +03:00
parent c80c37ba69
commit 95f8a95fd3
6 changed files with 30 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
internal/bootstrap/app_bootstrap.go
View File

@@ -2,6 +2,7 @@ package bootstrap
import ( import (
"fmt" "fmt"
"net/url"
"strings" "strings"
"tinyauth/internal/config" "tinyauth/internal/config"
"tinyauth/internal/controller" "tinyauth/internal/controller"
@@ -44,15 +45,16 @@ func (app *BootstrapApp) Setup() error {
return err return err
} }
// Get domain // Get root domain
domain, err := utils.GetUpperDomain(app.Config.AppURL) rootDomain, err := utils.GetRootDomain(app.Config.AppURL)
if err != nil { if err != nil {
return err return err
} }
// Cookie names // Cookie names
cookieId := utils.GenerateIdentifier(strings.Split(domain, ".")[0]) appUrl, _ := url.Parse(app.Config.AppURL) // Already validated
cookieId := utils.GenerateIdentifier(appUrl.Hostname())
sessionCookieName := fmt.Sprintf("%s-%s", config.SessionCookieName, cookieId) sessionCookieName := fmt.Sprintf("%s-%s", config.SessionCookieName, cookieId)
csrfCookieName := fmt.Sprintf("%s-%s", config.CSRFCookieName, cookieId) csrfCookieName := fmt.Sprintf("%s-%s", config.CSRFCookieName, cookieId)
redirectCookieName := fmt.Sprintf("%s-%s", config.RedirectCookieName, cookieId) redirectCookieName := fmt.Sprintf("%s-%s", config.RedirectCookieName, cookieId)
@@ -63,7 +65,7 @@ func (app *BootstrapApp) Setup() error {
OauthWhitelist: app.Config.OAuthWhitelist, OauthWhitelist: app.Config.OAuthWhitelist,
SessionExpiry: app.Config.SessionExpiry, SessionExpiry: app.Config.SessionExpiry,
SecureCookie: app.Config.SecureCookie, SecureCookie: app.Config.SecureCookie,
Domain: domain, RootDomain: rootDomain,
LoginTimeout: app.Config.LoginTimeout, LoginTimeout: app.Config.LoginTimeout,
LoginMaxRetries: app.Config.LoginMaxRetries, LoginMaxRetries: app.Config.LoginMaxRetries,
SessionCookieName: sessionCookieName, SessionCookieName: sessionCookieName,
@@ -153,7 +155,7 @@ func (app *BootstrapApp) Setup() error {
var middlewares []Middleware var middlewares []Middleware
contextMiddleware := middleware.NewContextMiddleware(middleware.ContextMiddlewareConfig{ contextMiddleware := middleware.NewContextMiddleware(middleware.ContextMiddlewareConfig{
Domain: domain, RootDomain: rootDomain,
}, authService, oauthBrokerService) }, authService, oauthBrokerService)
uiMiddleware := middleware.NewUIMiddleware() uiMiddleware := middleware.NewUIMiddleware()
@@ -180,7 +182,7 @@ func (app *BootstrapApp) Setup() error {
Title: app.Config.Title, Title: app.Config.Title,
GenericName: app.Config.GenericName, GenericName: app.Config.GenericName,
AppURL: app.Config.AppURL, AppURL: app.Config.AppURL,
RootDomain: domain, RootDomain: rootDomain,
ForgotPasswordMessage: app.Config.ForgotPasswordMessage, ForgotPasswordMessage: app.Config.ForgotPasswordMessage,
BackgroundImage: app.Config.BackgroundImage, BackgroundImage: app.Config.BackgroundImage,
OAuthAutoRedirect: app.Config.OAuthAutoRedirect, OAuthAutoRedirect: app.Config.OAuthAutoRedirect,
@@ -191,7 +193,7 @@ func (app *BootstrapApp) Setup() error {
SecureCookie: app.Config.SecureCookie, SecureCookie: app.Config.SecureCookie,
CSRFCookieName: csrfCookieName, CSRFCookieName: csrfCookieName,
RedirectCookieName: redirectCookieName, RedirectCookieName: redirectCookieName,
Domain: domain, RootDomain: rootDomain,
}, apiRouter, authService, oauthBrokerService) }, apiRouter, authService, oauthBrokerService)
proxyController := controller.NewProxyController(controller.ProxyControllerConfig{ proxyController := controller.NewProxyController(controller.ProxyControllerConfig{
@@ -199,7 +201,7 @@ func (app *BootstrapApp) Setup() error {
}, apiRouter, dockerService, authService) }, apiRouter, dockerService, authService)
userController := controller.NewUserController(controller.UserControllerConfig{ userController := controller.NewUserController(controller.UserControllerConfig{
Domain: domain, RootDomain: rootDomain,
}, apiRouter, authService) }, apiRouter, authService)
resourcesController := controller.NewResourcesController(controller.ResourcesControllerConfig{ resourcesController := controller.NewResourcesController(controller.ResourcesControllerConfig{

14
internal/controller/oauth_controller.go
View File

@@ -23,7 +23,7 @@ type OAuthControllerConfig struct {
RedirectCookieName string RedirectCookieName string
SecureCookie bool SecureCookie bool
AppURL string AppURL string
Domain string RootDomain string
} }
type OAuthController struct { type OAuthController struct {
@@ -74,13 +74,13 @@ func (controller *OAuthController) oauthURLHandler(c *gin.Context) {
state := service.GenerateState() state := service.GenerateState()
authURL := service.GetAuthURL(state) authURL := service.GetAuthURL(state)
c.SetCookie(controller.Config.CSRFCookieName, state, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true) c.SetCookie(controller.Config.CSRFCookieName, state, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
redirectURI := c.Query("redirect_uri") redirectURI := c.Query("redirect_uri")
if redirectURI != "" && utils.IsRedirectSafe(redirectURI, controller.Config.Domain) { if redirectURI != "" && utils.IsRedirectSafe(redirectURI, controller.Config.RootDomain) {
log.Debug().Msg("Setting redirect URI cookie") log.Debug().Msg("Setting redirect URI cookie")
c.SetCookie(controller.Config.RedirectCookieName, redirectURI, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true) c.SetCookie(controller.Config.RedirectCookieName, redirectURI, int(time.Hour.Seconds()), "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
} }
c.JSON(200, gin.H{ c.JSON(200, gin.H{
@@ -112,7 +112,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
return return
} }
c.SetCookie(controller.Config.CSRFCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true) c.SetCookie(controller.Config.CSRFCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
code := c.Query("code") code := c.Query("code")
service, exists := controller.Broker.GetService(req.Provider) service, exists := controller.Broker.GetService(req.Provider)
@@ -189,7 +189,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
redirectURI, err := c.Cookie(controller.Config.RedirectCookieName) redirectURI, err := c.Cookie(controller.Config.RedirectCookieName)
if err != nil || !utils.IsRedirectSafe(redirectURI, controller.Config.Domain) { if err != nil || !utils.IsRedirectSafe(redirectURI, controller.Config.RootDomain) {
log.Debug().Msg("No redirect URI cookie found, redirecting to app root") log.Debug().Msg("No redirect URI cookie found, redirecting to app root")
c.Redirect(http.StatusTemporaryRedirect, controller.Config.AppURL) c.Redirect(http.StatusTemporaryRedirect, controller.Config.AppURL)
return return
@@ -205,6 +205,6 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
return return
} }
c.SetCookie(controller.Config.RedirectCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.Domain), controller.Config.SecureCookie, true) c.SetCookie(controller.Config.RedirectCookieName, "", -1, "/", fmt.Sprintf(".%s", controller.Config.RootDomain), controller.Config.SecureCookie, true)
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/continue?%s", controller.Config.AppURL, queries.Encode())) c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/continue?%s", controller.Config.AppURL, queries.Encode()))
} }

8
internal/controller/user_controller.go
View File

@@ -22,7 +22,7 @@ type TotpRequest struct {
} }
type UserControllerConfig struct { type UserControllerConfig struct {
Domain string RootDomain string
} }
type UserController struct { type UserController struct {
@@ -115,7 +115,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
err := controller.Auth.CreateSessionCookie(c, &config.SessionCookie{ err := controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
Username: user.Username, Username: user.Username,
Name: utils.Capitalize(req.Username), Name: utils.Capitalize(req.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.Domain), Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.RootDomain),
Provider: "username", Provider: "username",
TotpPending: true, TotpPending: true,
}) })
@@ -141,7 +141,7 @@ func (controller *UserController) loginHandler(c *gin.Context) {
err = controller.Auth.CreateSessionCookie(c, &config.SessionCookie{ err = controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
Username: req.Username, Username: req.Username,
Name: utils.Capitalize(req.Username), Name: utils.Capitalize(req.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.Domain), Email: fmt.Sprintf("%s@%s", strings.ToLower(req.Username), controller.Config.RootDomain),
Provider: "username", Provider: "username",
}) })
@@ -246,7 +246,7 @@ func (controller *UserController) totpHandler(c *gin.Context) {
err = controller.Auth.CreateSessionCookie(c, &config.SessionCookie{ err = controller.Auth.CreateSessionCookie(c, &config.SessionCookie{
Username: user.Username, Username: user.Username,
Name: utils.Capitalize(user.Username), Name: utils.Capitalize(user.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), controller.Config.Domain), Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), controller.Config.RootDomain),
Provider: "username", Provider: "username",
}) })

6
internal/middleware/context_middleware.go
View File

@@ -12,7 +12,7 @@ import (
) )
type ContextMiddlewareConfig struct { type ContextMiddlewareConfig struct {
Domain string RootDomain string
} }
type ContextMiddleware struct { type ContextMiddleware struct {
@@ -134,7 +134,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
c.Set("context", &config.UserContext{ c.Set("context", &config.UserContext{
Username: user.Username, Username: user.Username,
Name: utils.Capitalize(user.Username), Name: utils.Capitalize(user.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), m.Config.Domain), Email: fmt.Sprintf("%s@%s", strings.ToLower(user.Username), m.Config.RootDomain),
Provider: "basic", Provider: "basic",
IsLoggedIn: true, IsLoggedIn: true,
TotpEnabled: user.TotpSecret != "", TotpEnabled: user.TotpSecret != "",
@@ -146,7 +146,7 @@ func (m *ContextMiddleware) Middleware() gin.HandlerFunc {
c.Set("context", &config.UserContext{ c.Set("context", &config.UserContext{
Username: basic.Username, Username: basic.Username,
Name: utils.Capitalize(basic.Username), Name: utils.Capitalize(basic.Username),
Email: fmt.Sprintf("%s@%s", strings.ToLower(basic.Username), m.Config.Domain), Email: fmt.Sprintf("%s@%s", strings.ToLower(basic.Username), m.Config.RootDomain),
Provider: "basic", Provider: "basic",
IsLoggedIn: true, IsLoggedIn: true,
}) })

6
internal/service/auth_service.go
View File

@@ -28,7 +28,7 @@ type AuthServiceConfig struct {
OauthWhitelist string OauthWhitelist string
SessionExpiry int SessionExpiry int
SecureCookie bool SecureCookie bool
Domain string RootDomain string
LoginTimeout int LoginTimeout int
LoginMaxRetries int LoginMaxRetries int
SessionCookieName string SessionCookieName string
@@ -216,7 +216,7 @@ func (auth *AuthService) CreateSessionCookie(c *gin.Context, data *config.Sessio
return err return err
} }
c.SetCookie(auth.Config.SessionCookieName, session.UUID, expiry, "/", fmt.Sprintf(".%s", auth.Config.Domain), auth.Config.SecureCookie, true) c.SetCookie(auth.Config.SessionCookieName, session.UUID, expiry, "/", fmt.Sprintf(".%s", auth.Config.RootDomain), auth.Config.SecureCookie, true)
return nil return nil
} }
@@ -234,7 +234,7 @@ func (auth *AuthService) DeleteSessionCookie(c *gin.Context) error {
return res.Error return res.Error
} }
c.SetCookie(auth.Config.SessionCookieName, "", -1, "/", fmt.Sprintf(".%s", auth.Config.Domain), auth.Config.SecureCookie, true) c.SetCookie(auth.Config.SessionCookieName, "", -1, "/", fmt.Sprintf(".%s", auth.Config.RootDomain), auth.Config.SecureCookie, true)
return nil return nil
} }

6
internal/utils/app_utils.go
View File

@@ -12,8 +12,8 @@ import (
"github.com/rs/zerolog" "github.com/rs/zerolog"
) )
// Get upper domain parses a hostname and returns the upper domain (e.g. sub1.sub2.domain.com -> sub2.domain.com) // Get root domain parses a hostname and returns the upper domain (e.g. sub1.sub2.domain.com -> sub2.domain.com)
func GetUpperDomain(appUrl string) (string, error) { func GetRootDomain(appUrl string) (string, error) {
appUrlParsed, err := url.Parse(appUrl) appUrlParsed, err := url.Parse(appUrl)
if err != nil { if err != nil {
return "", err return "", err
@@ -88,7 +88,7 @@ func IsRedirectSafe(redirectURL string, domain string) bool {
return false return false
} }
upper, err := GetUpperDomain(redirectURL) upper, err := GetRootDomain(redirectURL)
if err != nil { if err != nil {
return false return false