2019-02-09 18:37:37 -07:00
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package setting
import (
2021-03-07 01:12:43 -07:00
"net/http"
2019-02-09 18:37:37 -07:00
"path"
"path/filepath"
"strings"
2021-07-24 10:03:58 -06:00
"code.gitea.io/gitea/modules/json"
2019-02-09 18:37:37 -07:00
"code.gitea.io/gitea/modules/log"
)
var (
2021-07-08 05:38:13 -06:00
// SessionConfig defines Session settings
2020-01-29 00:47:46 -07:00
SessionConfig = struct {
Provider string
// Provider configuration, it's corresponding to provider.
ProviderConfig string
// Cookie name to save session ID. Default is "MacaronSession".
CookieName string
// Cookie path to store. Default is "/".
CookiePath string
// GC interval time in seconds. Default is 3600.
Gclifetime int64
// Max life time in seconds. Default is whatever GC interval time is.
Maxlifetime int64
// Use HTTPS only. Default is false.
Secure bool
// Cookie domain name. Default is empty.
Domain string
2021-03-07 01:12:43 -07:00
// SameSite declares if your cookie should be restricted to a first-party or same-site context. Valid strings are "none", "lax", "strict". Default is "lax"
SameSite http . SameSite
2020-01-29 00:47:46 -07:00
} {
CookieName : "i_like_gitea" ,
Gclifetime : 86400 ,
Maxlifetime : 86400 ,
2021-03-07 01:12:43 -07:00
SameSite : http . SameSiteLaxMode ,
2020-01-29 00:47:46 -07:00
}
2019-02-09 18:37:37 -07:00
)
func newSessionService ( ) {
2020-01-29 00:47:46 -07:00
sec := Cfg . Section ( "session" )
SessionConfig . Provider = sec . Key ( "PROVIDER" ) . In ( "memory" ,
2021-02-14 22:33:31 -07:00
[ ] string { "memory" , "file" , "redis" , "mysql" , "postgres" , "couchbase" , "memcache" , "db" } )
2020-01-29 00:47:46 -07:00
SessionConfig . ProviderConfig = strings . Trim ( sec . Key ( "PROVIDER_CONFIG" ) . MustString ( path . Join ( AppDataPath , "sessions" ) ) , "\" " )
2019-02-09 18:37:37 -07:00
if SessionConfig . Provider == "file" && ! filepath . IsAbs ( SessionConfig . ProviderConfig ) {
SessionConfig . ProviderConfig = path . Join ( AppWorkPath , SessionConfig . ProviderConfig )
}
2020-01-29 00:47:46 -07:00
SessionConfig . CookieName = sec . Key ( "COOKIE_NAME" ) . MustString ( "i_like_gitea" )
2019-02-09 18:37:37 -07:00
SessionConfig . CookiePath = AppSubURL
2020-01-29 00:47:46 -07:00
SessionConfig . Secure = sec . Key ( "COOKIE_SECURE" ) . MustBool ( false )
SessionConfig . Gclifetime = sec . Key ( "GC_INTERVAL_TIME" ) . MustInt64 ( 86400 )
SessionConfig . Maxlifetime = sec . Key ( "SESSION_LIFE_TIME" ) . MustInt64 ( 86400 )
SessionConfig . Domain = sec . Key ( "DOMAIN" ) . String ( )
2021-03-07 01:12:43 -07:00
samesiteString := sec . Key ( "SAME_SITE" ) . In ( "lax" , [ ] string { "none" , "lax" , "strict" } )
switch strings . ToLower ( samesiteString ) {
case "none" :
SessionConfig . SameSite = http . SameSiteNoneMode
case "strict" :
SessionConfig . SameSite = http . SameSiteStrictMode
default :
SessionConfig . SameSite = http . SameSiteLaxMode
}
2019-04-20 00:44:50 -06:00
shadowConfig , err := json . Marshal ( SessionConfig )
if err != nil {
log . Fatal ( "Can't shadow session config: %v" , err )
}
SessionConfig . ProviderConfig = string ( shadowConfig )
SessionConfig . Provider = "VirtualSession"
2019-02-09 18:37:37 -07:00
log . Info ( "Session Service Enabled" )
}