fix path of cookies

3 years ago · 3f09fab2ef
parent 57eea2e79f
commit 3f09fab2ef
2 changed files with 21 additions and 10 deletions
--- a/auth.js
+++ b/auth.js
@ -2,7 +2,7 @@ import * as cookie from 'https://deno.land/std@0.188.0/http/cookie.ts'

 export class Auth {
  constructor({
-    baseUrl,
+    basePath,
    remoteBaseUrl,
    giteaAppBaseUrl,
    giteaApiBaseUrl,
@ -10,7 +10,7 @@ export class Auth {
    giteaClientId,
    giteaClientSecret
  }) {
-    this.baseUrl = baseUrl
+    this.basePath = basePath
    this.remoteBaseUrl = remoteBaseUrl
    this.giteaAppBaseUrl = giteaAppBaseUrl
    this.giteaApiBaseUrl = giteaApiBaseUrl
@ -50,8 +50,10 @@ export class Auth {
      Location: url
    })
    cookie.setCookie(headers, {
+      ...this.cookieSettings,
      name: 'oauth.gitea.state',
      value: state,
+      maxAge: 600,
    })
    event.respondWith(new Response('', {
      headers,
@ -73,6 +75,12 @@ export class Auth {
    )
  }

+  get cookieSettings() {
+    return {
+      path: `${this.basePath}/api`,
+    }
+  }
+
  async getToken(code) {
    const resp = await fetch(this.tokenEndpoint, {
      method: 'POST',
@ -93,14 +101,17 @@ export class Auth {

  saveTokens(headers, data) {
    cookie.setCookie(headers, {
+      ...this.cookieSettings,
      name: 'oauth.gitea.accessToken',
      value: data.access_token,
    })
    cookie.setCookie(headers, {
+      ...this.cookieSettings,
      name: 'oauth.gitea.refreshToken',
      value: data.refresh_token,
    })
    cookie.setCookie(headers, {
+      ...this.cookieSettings,
      name: 'oauth.gitea.expires',
      value: String(
        Math.floor(new Date().valueOf() / 1000) +
@ -165,12 +176,12 @@ export class Auth {

  async serve(event) {
    const {pathname} = new URL(event.request.url)
-    const u = this.baseUrl
-    if (pathname === `${u}/api/auth`) {
+    const b = this.basePath
+    if (pathname === `${b}/api/auth`) {
      await this.redirect(event)
-    } else if (pathname === `${u}/api/auth/callback`) {
+    } else if (pathname === `${b}/api/auth/callback`) {
      await this.callback(event)
-    } else if (pathname === `${u}/api/auth/refresh`) {
+    } else if (pathname === `${b}/api/auth/refresh`) {
      await this.refresh(event)
    } else {
      event.respondWith(new Response(
--- a/server.js
+++ b/server.js
@ -32,7 +32,7 @@ export class Server {
      'GITEA_CLIENT_SECRET',
    ])
    this.port = env.PORT ?? 3000
-    this.baseUrl = env.BASE_URL ?? '/macchiato'
+    this.basePath = env.BASE_PATH ?? '/macchiato'
    this.remoteBaseUrl = env.REMOTE_BASE_URL
    this.giteaAppBaseUrl = (
      env.GITEA_APP_BASE_URL ?? 'http://gitea:3000'
@ -50,7 +50,7 @@ export class Server {
      await this.configure()
    }
    this.auth = new Auth({
-      baseUrl: this.baseUrl,
+      basePath: this.basePath,
      remoteBaseUrl: this.remoteBaseUrl,
      giteaAppBaseUrl: this.giteaAppBaseUrl,
      giteaApiBaseUrl: this.giteaApiBaseUrl,
@ -127,14 +127,14 @@ export class Server {

  async serveRequest(event) {
    const {pathname: p} = new URL(event.request.url)
-    const base = this.baseUrl
+    const base = this.basePath
    if (p.startsWith(`${base}/api/auth`)) {
      await this.auth.serve(event)
    } else if (p.startsWith(`${base}/api/storage`)) {
      const {allow, headers} = (
        await this.auth.requireAuth(event)
      )
-      if (allowed) {
+      if (allow) {
        await this.storage.serve(event, headers)
      }
    } else {