CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-07-02 04:50:44 +12:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2906 from Budibase/fix/internal-login-honour-domain

Browse source 
Honour cookie domain when custom sso is enabled
This commit is contained in:
Rory Powell 2021-10-06 17:02:10 +01:00 committed by GitHub
parent d10fe0f770 322ef42713
commit 6a7fc4758a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
packages/worker/src/api/controllers/global/auth.js
View file

@ -41,13 +41,19 @@ async function authInternal(ctx, user, err = null, info = null) {
return ctx.throw(403, info ? info : "Unauthorized")
}
// just store the user ID
ctx.cookies.set(Cookies.Auth, user.token, {
const config = {
expires,
path: "/",
httpOnly: false,
overwrite: true,
})
}
if (env.COOKIE_DOMAIN) {
config.domain = env.COOKIE_DOMAIN
}
// just store the user ID
ctx.cookies.set(Cookies.Auth, user.token, config)
}
exports.authenticate = async (ctx, next) => {

1
packages/worker/src/environment.js
View file

@ -41,6 +41,7 @@ module.exports = {
SMTP_PORT: process.env.SMTP_PORT,
SMTP_FROM_ADDRESS: process.env.SMTP_FROM_ADDRESS,
PLATFORM_URL: process.env.PLATFORM_URL,
COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
_set(key, value) {
process.env[key] = value
module.exports[key] = value