Add option to allow extra domains in the auth cookie other than the one in base url (#39)

* Add CONFIG_ALLOWED_COOKIE_DOMAINS option

* Apply suggestions from @BrunoBernardino

---------

Co-authored-by: Bruno Bernardino <me@brunobernardino.com>
Sergio
2025-01-11 09:09:11 +02:00
committed by GitHub
parent aaeaac0285
commit 8929b6e7d2
2 changed files with 15 additions and 0 deletions


@@ -6,6 +6,7 @@ import 'std/dotenv/load.ts';
import { baseUrl, generateHash, isRunningLocally } from './utils/misc.ts';
import { User, UserSession } from './types.ts';
import { createUserSession, deleteUserSession, getUserByEmail, validateUserAndSession } from './data/user.ts';
import { isCookieDomainAllowed } from './config.ts';
const JWT_SECRET = Deno.env.get('JWT_SECRET') || '';
export const PASSWORD_SALT = Deno.env.get('PASSWORD_SALT') || '';
@@ -52,6 +53,10 @@ async function verifyAuthJwt(key: CryptoKey, jwt: string) {
function resolveCookieDomain(request: Request) {
if (!isBaseUrlAnIp() || isRunningLocally(request)) {
const domain = new URL(request.url).hostname;
if (isCookieDomainAllowed(domain)) {
return domain;
}
return baseUrl.replace('https://', '').replace('http://', '').split(':')[0];
}
return '';
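Review bot: In `resolveCookieDomain`, the `domain` handed to `isCookieDomainAllowed` comes from `new URL(request.url).hostname`, which normally reflects the client-supplied Host header, so the allow-list check is the only control over what is echoed into the cookie's Domain attribute. `isCookieDomainAllowed` lives in `./config.ts` and is not visible in this section. It should compare the whole hostname, lower-cased, for exact equality against each configured entry rather than by substring or suffix, and it should allow nothing when `CONFIG_ALLOWED_COOKIE_DOMAINS` is empty or unset. A comment above the check would record the intent, e.g. `// hostname comes from the request; only use it as the cookie domain when explicitly allow-listed`. The function's closing brace falls outside the hunk, so the rest of the body was not reviewed.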