From 31628019fead4489d7a57868bee110f6b6e91d09 Mon Sep 17 00:00:00 2001 From: kim Date: Tue, 29 Apr 2025 13:57:26 +0000 Subject: [chore] tweak NoLLaMas proof-of-work algorithm (#4090) # Description - tweaks the NoLLaMas proof-of-work algorithm to further granularity on time spent computing solutions - standardizes GoToSocial cookie security directive setting in a CookiePolicy{} type ## Checklist - [x] I/we have read the [GoToSocial contribution guidelines](https://codeberg.org/superseriousbusiness/gotosocial/src/branch/main/CONTRIBUTING.md). - [x] I/we have discussed the proposed changes already, either in an issue on the repository, or in the Matrix chat. - [x] I/we have not leveraged AI to create the proposed changes. - [x] I/we have performed a self-review of added code. - [x] I/we have written code that is legible and maintainable by others. - [x] I/we have commented the added code, particularly in hard-to-understand areas. - [ ] I/we have made any necessary changes to documentation. - [ ] I/we have added tests that cover new code. - [ ] I/we have run tests and they pass locally with the changes. - [x] I/we have run `go fmt ./...` and `golangci-lint run`. Co-authored-by: tobi Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4090 Co-authored-by: kim Co-committed-by: kim --- internal/api/auth.go | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'internal/api/auth.go') diff --git a/internal/api/auth.go b/internal/api/auth.go index 2504acb30..fb92f3ef1 100644 --- a/internal/api/auth.go +++ b/internal/api/auth.go @@ -19,6 +19,7 @@ package api import ( "code.superseriousbusiness.org/gotosocial/internal/api/auth" + apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util" "code.superseriousbusiness.org/gotosocial/internal/gtsmodel" "code.superseriousbusiness.org/gotosocial/internal/middleware" "code.superseriousbusiness.org/gotosocial/internal/oidc" @@ -31,6 +32,7 @@ import ( type Auth struct { routerSession *gtsmodel.RouterSession sessionName string + cookiePolicy apiutil.CookiePolicy auth *auth.Module } @@ -47,7 +49,12 @@ func (a *Auth) Route(r *router.Router, m ...gin.HandlerFunc) { Directives: []string{"private", "max-age=120"}, Vary: []string{"Accept", "Accept-Encoding"}, }) - sessionMiddleware = middleware.Session(a.sessionName, a.routerSession.Auth, a.routerSession.Crypt) + sessionMiddleware = middleware.Session( + a.sessionName, + a.routerSession.Auth, + a.routerSession.Crypt, + a.cookiePolicy, + ) ) authGroup.Use(m...) oauthGroup.Use(m...) @@ -64,10 +71,12 @@ func NewAuth( idp oidc.IDP, routerSession *gtsmodel.RouterSession, sessionName string, + cookiePolicy apiutil.CookiePolicy, ) *Auth { return &Auth{ routerSession: routerSession, sessionName: sessionName, + cookiePolicy: cookiePolicy, auth: auth.New(state, p, idp), } } -- cgit v1.2.3