diff options
Diffstat (limited to 'app')
-rw-r--r-- | app/config.go | 10 | ||||
-rw-r--r-- | app/diagnostics.go | 2 | ||||
-rw-r--r-- | app/login.go | 3 |
3 files changed, 15 insertions, 0 deletions
diff --git a/app/config.go b/app/config.go index b4925e8fb..a9cd84d90 100644 --- a/app/config.go +++ b/app/config.go @@ -12,6 +12,7 @@ import ( "encoding/base64" "encoding/json" "fmt" + "net/url" "runtime/debug" l4g "github.com/alecthomas/log4go" @@ -254,3 +255,12 @@ func (a *App) Desanitize(cfg *model.Config) { cfg.SqlSettings.DataSourceSearchReplicas[i] = actual.SqlSettings.DataSourceSearchReplicas[i] } } + +func (a *App) GetCookieDomain() string { + if *a.Config().ServiceSettings.AllowCookiesForSubdomains { + if siteURL, err := url.Parse(*a.Config().ServiceSettings.SiteURL); err == nil { + return siteURL.Hostname() + } + } + return "" +} diff --git a/app/diagnostics.go b/app/diagnostics.go index 6d83d3a89..12553afc8 100644 --- a/app/diagnostics.go +++ b/app/diagnostics.go @@ -243,6 +243,8 @@ func (a *App) trackConfig() { "isdefault_image_proxy_type": isDefault(*cfg.ServiceSettings.ImageProxyType, ""), "isdefault_image_proxy_url": isDefault(*cfg.ServiceSettings.ImageProxyURL, ""), "isdefault_image_proxy_options": isDefault(*cfg.ServiceSettings.ImageProxyOptions, ""), + "websocket_url": isDefault(*cfg.ServiceSettings.WebsocketURL, ""), + "allow_cookies_for_subdomains": *cfg.ServiceSettings.AllowCookiesForSubdomains, }) a.SendDiagnostic(TRACK_CONFIG_TEAM, map[string]interface{}{ diff --git a/app/login.go b/app/login.go index ecc0f0163..e01566bcd 100644 --- a/app/login.go +++ b/app/login.go @@ -113,6 +113,7 @@ func (a *App) DoLogin(w http.ResponseWriter, r *http.Request, user *model.User, secure = true } + domain := a.GetCookieDomain() expiresAt := time.Unix(model.GetMillis()/1000+int64(maxAge), 0) sessionCookie := &http.Cookie{ Name: model.SESSION_COOKIE_TOKEN, @@ -121,6 +122,7 @@ func (a *App) DoLogin(w http.ResponseWriter, r *http.Request, user *model.User, MaxAge: maxAge, Expires: expiresAt, HttpOnly: true, + Domain: domain, Secure: secure, } @@ -130,6 +132,7 @@ func (a *App) DoLogin(w http.ResponseWriter, r *http.Request, user *model.User, Path: "/", MaxAge: maxAge, Expires: expiresAt, + Domain: domain, Secure: secure, } |