diff options
| author |  kim <grufwub@gmail.com> | 2025-04-29 13:57:26 +0000 |
|---|---|---|
| committer |  tobi <kipvandenbos@noreply.codeberg.org> | 2025-04-29 13:57:26 +0000 |
| commit | 31628019fead4489d7a57868bee110f6b6e91d09 (patch) | |
| tree | a540739f3491d23054f455e9a85afd510fbf589f /internal/api/auth.go | |
| parent | [bugfix] don't prevent moved accounts from invalidating their old tokens (#4091) (diff) | |
| download | gotosocial-31628019fead4489d7a57868bee110f6b6e91d09.tar.xz | |
[chore] tweak NoLLaMas proof-of-work algorithm (#4090)
# Description
- tweaks the NoLLaMas proof-of-work algorithm to further granularity on time spent computing solutions
- standardizes GoToSocial cookie security directive setting in a CookiePolicy{} type
## Checklist
- [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md).
- [x] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat.
- [x] I/we have not leveraged AI to create the proposed changes.
- [x] I/we have performed a self-review of added code.
- [x] I/we have written code that is legible and maintainable by others.
- [x] I/we have commented the added code, particularly in hard-to-understand areas.
- [ ] I/we have made any necessary changes to documentation.
- [ ] I/we have added tests that cover new code.
- [ ] I/we have run tests and they pass locally with the changes.
- [x] I/we have run `go fmt ./...` and `golangci-lint run`.
Co-authored-by: tobi <tobi.smethurst@protonmail.com>
Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4090
Co-authored-by: kim <grufwub@gmail.com>
Co-committed-by: kim <grufwub@gmail.com>
Diffstat (limited to 'internal/api/auth.go')
| -rw-r--r-- | internal/api/auth.go | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/internal/api/auth.go b/internal/api/auth.go index 2504acb30..fb92f3ef1 100644 --- a/internal/api/auth.go +++ b/internal/api/auth.go @@ -19,6 +19,7 @@ package api import ( "code.superseriousbusiness.org/gotosocial/internal/api/auth" + apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util" "code.superseriousbusiness.org/gotosocial/internal/gtsmodel" "code.superseriousbusiness.org/gotosocial/internal/middleware" "code.superseriousbusiness.org/gotosocial/internal/oidc" @@ -31,6 +32,7 @@ import ( type Auth struct { routerSession *gtsmodel.RouterSession sessionName string + cookiePolicy apiutil.CookiePolicy auth *auth.Module } @@ -47,7 +49,12 @@ func (a *Auth) Route(r *router.Router, m ...gin.HandlerFunc) { Directives: []string{"private", "max-age=120"}, Vary: []string{"Accept", "Accept-Encoding"}, }) - sessionMiddleware = middleware.Session(a.sessionName, a.routerSession.Auth, a.routerSession.Crypt) + sessionMiddleware = middleware.Session( + a.sessionName, + a.routerSession.Auth, + a.routerSession.Crypt, + a.cookiePolicy, + ) ) authGroup.Use(m...) oauthGroup.Use(m...) @@ -64,10 +71,12 @@ func NewAuth( idp oidc.IDP, routerSession *gtsmodel.RouterSession, sessionName string, + cookiePolicy apiutil.CookiePolicy, ) *Auth { return &Auth{ routerSession: routerSession, sessionName: sessionName, + cookiePolicy: cookiePolicy, auth: auth.New(state, p, idp), } } |