barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-05-08 05:18:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: add option to run tinyauth on a top-level domain (#710)

Browse Source 
* Add TINYAUTH_AUTH_SUBDOMAINSENABLED option

Setting it to false allows to use Tinyauth on top-level domain only,
but forbids automatic cross-app authentication using Traefik/Nginx.

* fix: inform services and controllers if subdomain cookie domain is enabled

* chore: rabbit feedback

* fix: deny ip addresses for standalone domain

---------

Co-authored-by: Stavros <steveiliop56@gmail.com>
This commit is contained in:
Jacek Kowalski
2026-05-07 15:12:24 +02:00
committed by GitHub
parent 1382ab41e7
commit ca6a7fa551
8 changed files with 103 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/utils/app_utils.go
+22 -1
View File
@@ -22,7 +22,7 @@ func GetCookieDomain(u string) (string, error) {
host := parsed.Hostname()
if netIP := net.ParseIP(host); netIP != nil {
return "", errors.New("IP addresses not allowed")
return "", errors.New("ip addresses not allowed")
}
parts := strings.Split(host, ".")
@@ -47,6 +47,27 @@ func GetCookieDomain(u string) (string, error) {
return domain, nil
}
func GetStandaloneCookieDomain(u string) (string, error) {
parsed, err := url.Parse(u)
if err != nil {
return "", err
}
host := parsed.Hostname()
if netIP := net.ParseIP(host); netIP != nil {
return "", errors.New("ip addresses not allowed")
}
parts := strings.Split(host, ".")
if len(parts) < 2 {
return "", errors.New("invalid app url")
}
return host, nil
}
func ParseFileToLine(content string) string {
lines := strings.Split(content, "\n")
users := make([]string, 0)