2019-02-10 07:07:37 +05:30
// Copyright 2019 The Gitea Authors. All rights reserved.
2022-11-27 23:50:29 +05:30
// SPDX-License-Identifier: MIT
2019-02-10 07:07:37 +05:30
package setting
import (
2021-03-07 13:42:43 +05:30
"net/http"
2019-02-10 07:07:37 +05:30
"path"
"path/filepath"
"strings"
2021-07-24 21:33:58 +05:30
"code.gitea.io/gitea/modules/json"
2019-02-10 07:07:37 +05:30
"code.gitea.io/gitea/modules/log"
)
2022-01-20 23:16:10 +05:30
// SessionConfig defines Session settings
var SessionConfig = struct {
2023-02-19 21:42:01 +05:30
OriginalProvider string
Provider string
2022-01-20 23:16:10 +05:30
// Provider configuration, it's corresponding to provider.
ProviderConfig string
// Cookie name to save session ID. Default is "MacaronSession".
CookieName string
// Cookie path to store. Default is "/".
CookiePath string
// GC interval time in seconds. Default is 3600.
Gclifetime int64
// Max life time in seconds. Default is whatever GC interval time is.
Maxlifetime int64
// Use HTTPS only. Default is false.
Secure bool
// Cookie domain name. Default is empty.
Domain string
// SameSite declares if your cookie should be restricted to a first-party or same-site context. Valid strings are "none", "lax", "strict". Default is "lax"
SameSite http . SameSite
} {
CookieName : "i_like_gitea" ,
Gclifetime : 86400 ,
Maxlifetime : 86400 ,
SameSite : http . SameSiteLaxMode ,
}
2019-02-10 07:07:37 +05:30
2023-02-19 21:42:01 +05:30
func loadSessionFrom ( rootCfg ConfigProvider ) {
sec := rootCfg . Section ( "session" )
2020-01-29 13:17:46 +05:30
SessionConfig . Provider = sec . Key ( "PROVIDER" ) . In ( "memory" ,
2021-02-15 11:03:31 +05:30
[ ] string { "memory" , "file" , "redis" , "mysql" , "postgres" , "couchbase" , "memcache" , "db" } )
2020-01-29 13:17:46 +05:30
SessionConfig . ProviderConfig = strings . Trim ( sec . Key ( "PROVIDER_CONFIG" ) . MustString ( path . Join ( AppDataPath , "sessions" ) ) , "\" " )
2019-02-10 07:07:37 +05:30
if SessionConfig . Provider == "file" && ! filepath . IsAbs ( SessionConfig . ProviderConfig ) {
SessionConfig . ProviderConfig = path . Join ( AppWorkPath , SessionConfig . ProviderConfig )
}
2020-01-29 13:17:46 +05:30
SessionConfig . CookieName = sec . Key ( "COOKIE_NAME" ) . MustString ( "i_like_gitea" )
2019-02-10 07:07:37 +05:30
SessionConfig . CookiePath = AppSubURL
2020-01-29 13:17:46 +05:30
SessionConfig . Secure = sec . Key ( "COOKIE_SECURE" ) . MustBool ( false )
SessionConfig . Gclifetime = sec . Key ( "GC_INTERVAL_TIME" ) . MustInt64 ( 86400 )
SessionConfig . Maxlifetime = sec . Key ( "SESSION_LIFE_TIME" ) . MustInt64 ( 86400 )
SessionConfig . Domain = sec . Key ( "DOMAIN" ) . String ( )
2021-03-07 13:42:43 +05:30
samesiteString := sec . Key ( "SAME_SITE" ) . In ( "lax" , [ ] string { "none" , "lax" , "strict" } )
switch strings . ToLower ( samesiteString ) {
case "none" :
SessionConfig . SameSite = http . SameSiteNoneMode
case "strict" :
SessionConfig . SameSite = http . SameSiteStrictMode
default :
SessionConfig . SameSite = http . SameSiteLaxMode
}
2019-04-20 12:14:50 +05:30
shadowConfig , err := json . Marshal ( SessionConfig )
if err != nil {
log . Fatal ( "Can't shadow session config: %v" , err )
}
SessionConfig . ProviderConfig = string ( shadowConfig )
2023-02-19 21:42:01 +05:30
SessionConfig . OriginalProvider = SessionConfig . Provider
2019-04-20 12:14:50 +05:30
SessionConfig . Provider = "VirtualSession"
2019-02-10 07:07:37 +05:30
log . Info ( "Session Service Enabled" )
}