Added an option to disable https-only
This commit is contained in:
parent
ed9d9474e3
commit
d07b1d4dba
|
@ -17,6 +17,7 @@ type config struct {
|
|||
Server string
|
||||
PassHash string
|
||||
SessionTTL float64
|
||||
StrictCookies bool
|
||||
Devices []Device
|
||||
}
|
||||
|
||||
|
@ -28,6 +29,7 @@ func init() {
|
|||
Config = config{
|
||||
Server: ":8080",
|
||||
SessionTTL: 10,
|
||||
StrictCookies: true,
|
||||
}
|
||||
|
||||
// Locations to look for a config file for
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
Server = ":8080" # The address the webserver should bind to
|
||||
PassHash = "$2a$10$I.26oCzkjZ8qwfhbmeYM3.kppBjxtPsxkeE1Y.ULjVvA1IBPcQP42" # "password"
|
||||
SessionTTL = 10 # How many minutes sessions last for
|
||||
StrictCookies = true # Whether to use the strict cookie policy (HTTPS Only)
|
||||
|
||||
[[Devices]]
|
||||
Alias = "SomeDevice"
|
||||
|
|
|
@ -59,7 +59,7 @@ func auth(c echo.Context) error {
|
|||
Name: "session",
|
||||
Value: token,
|
||||
Path: "/",
|
||||
Secure: true,
|
||||
Secure: config.Config.StrictCookies,
|
||||
HttpOnly: true,
|
||||
SameSite: http.SameSiteStrictMode,
|
||||
})
|
||||
|
|
Loading…
Reference in New Issue
Block a user