Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-pages.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/internal/auth/auth.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/auth/auth.go')
-rw-r--r--internal/auth/auth.go10
1 files changed, 5 insertions, 5 deletions
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 920c5d12..77bc7d8e 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -35,6 +35,7 @@ const (
tokenContentTemplate = "client_id=%s&client_secret=%s&code=%s&grant_type=authorization_code&redirect_uri=%s"
callbackPath = "/auth"
authorizeProxyTemplate = "%s?domain=%s&state=%s"
+ authSessionMaxAge = 60 * 10 // 10 minutes
)
var (
@@ -75,10 +76,10 @@ func (a *Auth) getSessionFromStore(r *http.Request) (*sessions.Session, error) {
if session != nil {
// Cookie just for this domain
- session.Options = &sessions.Options{
- Path: "/",
- HttpOnly: true,
- }
+ session.Options.Path = "/"
+ session.Options.HttpOnly = true
+ session.Options.Secure = request.IsHTTPS(r)
+ session.Options.MaxAge = authSessionMaxAge
}
return session, err
@@ -582,7 +583,6 @@ func createCookieStore(storeSecret string) sessions.Store {
// New when authentication supported this will be used to create authentication handler
func New(pagesDomain string, storeSecret string, clientID string, clientSecret string,
redirectURI string, gitLabServer string) *Auth {
-
return &Auth{
pagesDomain: pagesDomain,
clientID: clientID,
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 05:27:11 +0300