Added an option to disable https-only

This commit is contained in:
adro 2022-04-28 11:08:11 +02:00
parent ed9d9474e3
commit d07b1d4dba
3 changed files with 10 additions and 7 deletions

View File

@ -17,6 +17,7 @@ type config struct {
Server string
PassHash string
SessionTTL float64
StrictCookies bool
Devices []Device
}
@ -28,6 +29,7 @@ func init() {
Config = config{
Server: ":8080",
SessionTTL: 10,
StrictCookies: true,
}
// Locations to look for a config file for

View File

@ -1,6 +1,7 @@
Server = ":8080" # The address the webserver should bind to
PassHash = "$2a$10$I.26oCzkjZ8qwfhbmeYM3.kppBjxtPsxkeE1Y.ULjVvA1IBPcQP42" # "password"
SessionTTL = 10 # How many minutes sessions last for
StrictCookies = true # Whether to use the strict cookie policy (HTTPS Only)
[[Devices]]
Alias = "SomeDevice"

View File

@ -59,7 +59,7 @@ func auth(c echo.Context) error {
Name: "session",
Value: token,
Path: "/",
Secure: true,
Secure: config.Config.StrictCookies,
HttpOnly: true,
SameSite: http.SameSiteStrictMode,
})