Added an option to disable https-only

This commit is contained in:
adro 2022-04-28 11:08:11 +02:00
parent ed9d9474e3
commit d07b1d4dba
3 changed files with 10 additions and 7 deletions

View File

@ -14,10 +14,11 @@ type Device struct {
} }
type config struct { type config struct {
Server string Server string
PassHash string PassHash string
SessionTTL float64 SessionTTL float64
Devices []Device StrictCookies bool
Devices []Device
} }
var Config config var Config config
@ -26,8 +27,9 @@ var configPath string
func init() { func init() {
Config = config{ Config = config{
Server: ":8080", Server: ":8080",
SessionTTL: 10, SessionTTL: 10,
StrictCookies: true,
} }
// Locations to look for a config file for // Locations to look for a config file for

View File

@ -1,6 +1,7 @@
Server = ":8080" # The address the webserver should bind to Server = ":8080" # The address the webserver should bind to
PassHash = "$2a$10$I.26oCzkjZ8qwfhbmeYM3.kppBjxtPsxkeE1Y.ULjVvA1IBPcQP42" # "password" PassHash = "$2a$10$I.26oCzkjZ8qwfhbmeYM3.kppBjxtPsxkeE1Y.ULjVvA1IBPcQP42" # "password"
SessionTTL = 10 # How many minutes sessions last for SessionTTL = 10 # How many minutes sessions last for
StrictCookies = true # Whether to use the strict cookie policy (HTTPS Only)
[[Devices]] [[Devices]]
Alias = "SomeDevice" Alias = "SomeDevice"

View File

@ -59,7 +59,7 @@ func auth(c echo.Context) error {
Name: "session", Name: "session",
Value: token, Value: token,
Path: "/", Path: "/",
Secure: true, Secure: config.Config.StrictCookies,
HttpOnly: true, HttpOnly: true,
SameSite: http.SameSiteStrictMode, SameSite: http.SameSiteStrictMode,
}) })