Skip to content

Commit

Permalink
Set auth cookie for all allowed origins (#81)
Browse files Browse the repository at this point in the history
  • Loading branch information
@feedmeapples
feedmeapples authored Jan 3, 2022
1 parent 4484839 commit f3c6778
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
2 changes: 2 additions & 0 deletions server/routes/auth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,8 @@ func authenticateCb(ctx context.Context, config *oauth2.Config, provider *oidc.P
Path: "/",
MaxAge: 7 * 24 * int(time.Hour.Seconds()),
HttpOnly: true,
SameSite: http.SameSiteNoneMode,
Secure: true,
}
sess.Values["access-token"] = &user.OAuth2Token.AccessToken
sess.Values["email"] = &user.IDToken.Email
Expand Down
5 changes: 3 additions & 2 deletions server/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,8 +72,9 @@ func NewServer(opts ...server_options.ServerOption) *Server {
e.Use(middleware.Logger())
e.Use(middleware.Recover())
e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
AllowOrigins: serverOpts.Config.CORS.AllowOrigins,
AllowHeaders: []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept},
AllowOrigins: serverOpts.Config.CORS.AllowOrigins,
AllowHeaders: []string{echo.HeaderOrigin, echo.HeaderContentType, echo.HeaderAccept},
AllowCredentials: true,
}))
e.Use(session.Middleware(sessions.NewCookieStore(
securecookie.GenerateRandomKey(32),
Expand Down

0 comments on commit f3c6778

Please sign in to comment.