mirror of
https://github.com/TheAnachronism/docspell.git
synced 2025-05-31 20:42:51 +00:00
Fix domain for auth cookie
The domain was incorrectly extracted from the request. It must be using the `Host` header at last, trying now `X-Forwarded-For` and `X-Forwarded-Host` first.
This commit is contained in:
parent
ee3ae0a402
commit
67e1ba05f4
@ -0,0 +1,29 @@
|
||||
package docspell.restserver.http4s
|
||||
|
||||
import org.http4s._
|
||||
import org.http4s.headers._
|
||||
import org.http4s.util.CaseInsensitiveString
|
||||
|
||||
/** Obtain the host name of the client from the request.
|
||||
*/
|
||||
object ClientHost {
|
||||
|
||||
def get[F[_]](req: Request[F]): Option[String] =
|
||||
xForwardedFor(req)
|
||||
.orElse(xForwardedHost(req))
|
||||
.orElse(host(req))
|
||||
|
||||
private def host[F[_]](req: Request[F]): Option[String] =
|
||||
req.headers.get(Host).map(_.host)
|
||||
|
||||
private def xForwardedFor[F[_]](req: Request[F]): Option[String] =
|
||||
req.headers
|
||||
.get(`X-Forwarded-For`)
|
||||
.flatMap(_.values.head)
|
||||
.flatMap(inet => Option(inet.getHostName).orElse(Option(inet.getHostAddress)))
|
||||
|
||||
private def xForwardedHost[F[_]](req: Request[F]): Option[String] =
|
||||
req.headers
|
||||
.get(CaseInsensitiveString("X-Forwarded-Host"))
|
||||
.map(_.value)
|
||||
}
|
@ -7,6 +7,7 @@ import docspell.backend.auth._
|
||||
import docspell.restapi.model._
|
||||
import docspell.restserver._
|
||||
import docspell.restserver.auth._
|
||||
import docspell.restserver.http4s.ClientHost
|
||||
|
||||
import org.http4s._
|
||||
import org.http4s.circe.CirceEntityDecoder._
|
||||
@ -23,7 +24,7 @@ object LoginRoutes {
|
||||
for {
|
||||
up <- req.as[UserPass]
|
||||
res <- S.loginUserPass(cfg.auth)(Login.UserPass(up.account, up.password))
|
||||
remote = req.from.map(_.getHostName())
|
||||
remote = ClientHost.get(req)
|
||||
resp <- makeResponse(dsl, cfg, remote, res, up.account)
|
||||
} yield resp
|
||||
}
|
||||
@ -37,10 +38,10 @@ object LoginRoutes {
|
||||
case req @ POST -> Root / "session" =>
|
||||
Authenticate
|
||||
.authenticateRequest(S.loginSession(cfg.auth))(req)
|
||||
.flatMap(res => makeResponse(dsl, cfg, req.from.map(_.getHostName), res, ""))
|
||||
.flatMap(res => makeResponse(dsl, cfg, ClientHost.get(req), res, ""))
|
||||
|
||||
case req @ POST -> Root / "logout" =>
|
||||
Ok().map(_.addCookie(CookieData.deleteCookie(cfg, req.from.map(_.getHostName))))
|
||||
Ok().map(_.addCookie(CookieData.deleteCookie(cfg, ClientHost.get(req))))
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user