From 05e9af089c3041fa162e4dca3b1c5906496e8e90 Mon Sep 17 00:00:00 2001
From: Tobi Smethurst <31960611+tsmethurst@users.noreply.github.com>
Date: Fri, 23 Jul 2021 10:36:28 +0200
Subject: Oidc (#109)

* add oidc config

* inching forward with oidc idp

* lil webfingy fix

* bit more progress

* further oidc

* oidc now working

* document dex config

* replace broken images

* add additional credits

* tiny doc update

* update

* add oidc config

* inching forward with oidc idp

* bit more progress

* further oidc

* oidc now working

* document dex config

* replace broken images

* add additional credits

* tiny doc update

* update

* document

* docs + comments
---
 internal/router/session.go | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

(limited to 'internal/router/session.go')

diff --git a/internal/router/session.go b/internal/router/session.go
index 2d00f7677..2b9be2f56 100644
--- a/internal/router/session.go
+++ b/internal/router/session.go
@@ -33,6 +33,18 @@ import (
 	"github.com/superseriousbusiness/gotosocial/internal/id"
 )
 
+// SessionOptions returns the standard set of options to use for each session.
+func SessionOptions(cfg *config.Config) sessions.Options {
+	return sessions.Options{
+		Path:     "/",
+		Domain:   cfg.Host,
+		MaxAge:   120,                      // 2 minutes
+		Secure:   true,                     // only use cookie over https
+		HttpOnly: true,                     // exclude javascript from inspecting cookie
+		SameSite: http.SameSiteDefaultMode, // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-same-site-00#section-4.1.1
+	}
+}
+
 func useSession(cfg *config.Config, dbService db.DB, engine *gin.Engine) error {
 	// check if we have a saved router session already
 	routerSessions := []*gtsmodel.RouterSession{}
@@ -64,14 +76,7 @@ func useSession(cfg *config.Config, dbService db.DB, engine *gin.Engine) error {
 	}
 
 	store := memstore.NewStore(rs.Auth, rs.Crypt)
-	store.Options(sessions.Options{
-		Path:     "/",
-		Domain:   cfg.Host,
-		MaxAge:   120,                     // 2 minutes
-		Secure:   true,                    // only use cookie over https
-		HttpOnly: true,                    // exclude javascript from inspecting cookie
-		SameSite: http.SameSiteStrictMode, // https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-same-site-00#section-4.1.1
-	})
+	store.Options(SessionOptions(cfg))
 	sessionName := fmt.Sprintf("gotosocial-%s", cfg.Host)
 	engine.Use(sessions.Sessions(sessionName, store))
 	return nil
-- 
cgit v1.2.3