mattnite
/
forgejo-tickets
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Set Secure flag on session cookie for HTTPS 

Fixes #9
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Matthew Knight 2026-02-17 15:50:18 -08:00
parent 29cbe1a52b
commit e6cd175c92
No known key found for this signature in database
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/server/main.go
View File

@ -5,6 +5,7 @@ import (
"net/http" "net/http"
"os" "os"
"os/signal" "os/signal"
"strings"
"syscall" "syscall"
"time" "time"
@ -54,7 +55,7 @@ func main() {
log.Info().Str("bot_login", forgejoClient.BotLogin).Msg("forgejo bot login initialized") log.Info().Str("bot_login", forgejoClient.BotLogin).Msg("forgejo bot login initialized")
} }
sessionStore := auth.NewPGStore(db, []byte(cfg.SessionSecret)) sessionStore := auth.NewPGStore(db, strings.HasPrefix(cfg.BaseURL, "https"), []byte(cfg.SessionSecret))
authService := auth.NewService(db, sessionStore, emailClient) authService := auth.NewService(db, sessionStore, emailClient)
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())

3
internal/auth/store.go
View File

@ -28,7 +28,7 @@ type PGStore struct {
options *sessions.Options options *sessions.Options
} }
func NewPGStore(db *gorm.DB, keyPairs ...[]byte) *PGStore { func NewPGStore(db *gorm.DB, secure bool, keyPairs ...[]byte) *PGStore {
return &PGStore{ return &PGStore{
db: db, db: db,
codecs: securecookie.CodecsFromPairs(keyPairs...), codecs: securecookie.CodecsFromPairs(keyPairs...),
@ -36,6 +36,7 @@ func NewPGStore(db *gorm.DB, keyPairs ...[]byte) *PGStore {
Path: "/", Path: "/",
MaxAge: sessionMaxAge, MaxAge: sessionMaxAge,
HttpOnly: true, HttpOnly: true,
Secure: secure,
SameSite: http.SameSiteLaxMode, SameSite: http.SameSiteLaxMode,
}, },
} }