code.gitea.io/gitea@v1.19.3/modules/setting/session.go

code.gitea.io/gitea@v1.19.3/modules/setting/session.go (about)

     1  // Copyright 2019 The Gitea Authors. All rights reserved.
     2  // SPDX-License-Identifier: MIT
     3  
     4  package setting
     5  
     6  import (
     7  	"net/http"
     8  	"path"
     9  	"path/filepath"
    10  	"strings"
    11  
    12  	"code.gitea.io/gitea/modules/json"
    13  	"code.gitea.io/gitea/modules/log"
    14  )
    15  
    16  // SessionConfig defines Session settings
    17  var SessionConfig = struct {
    18  	OriginalProvider string
    19  	Provider         string
    20  	// Provider configuration, it's corresponding to provider.
    21  	ProviderConfig string
    22  	// Cookie name to save session ID. Default is "MacaronSession".
    23  	CookieName string
    24  	// Cookie path to store. Default is "/".
    25  	CookiePath string
    26  	// GC interval time in seconds. Default is 3600.
    27  	Gclifetime int64
    28  	// Max life time in seconds. Default is whatever GC interval time is.
    29  	Maxlifetime int64
    30  	// Use HTTPS only. Default is false.
    31  	Secure bool
    32  	// Cookie domain name. Default is empty.
    33  	Domain string
    34  	// SameSite declares if your cookie should be restricted to a first-party or same-site context. Valid strings are "none", "lax", "strict". Default is "lax"
    35  	SameSite http.SameSite
    36  }{
    37  	CookieName:  "i_like_gitea",
    38  	Gclifetime:  86400,
    39  	Maxlifetime: 86400,
    40  	SameSite:    http.SameSiteLaxMode,
    41  }
    42  
    43  func loadSessionFrom(rootCfg ConfigProvider) {
    44  	sec := rootCfg.Section("session")
    45  	SessionConfig.Provider = sec.Key("PROVIDER").In("memory",
    46  		[]string{"memory", "file", "redis", "mysql", "postgres", "couchbase", "memcache", "db"})
    47  	SessionConfig.ProviderConfig = strings.Trim(sec.Key("PROVIDER_CONFIG").MustString(path.Join(AppDataPath, "sessions")), "\" ")
    48  	if SessionConfig.Provider == "file" && !filepath.IsAbs(SessionConfig.ProviderConfig) {
    49  		SessionConfig.ProviderConfig = path.Join(AppWorkPath, SessionConfig.ProviderConfig)
    50  	}
    51  	SessionConfig.CookieName = sec.Key("COOKIE_NAME").MustString("i_like_gitea")
    52  	SessionConfig.CookiePath = AppSubURL
    53  	SessionConfig.Secure = sec.Key("COOKIE_SECURE").MustBool(false)
    54  	SessionConfig.Gclifetime = sec.Key("GC_INTERVAL_TIME").MustInt64(86400)
    55  	SessionConfig.Maxlifetime = sec.Key("SESSION_LIFE_TIME").MustInt64(86400)
    56  	SessionConfig.Domain = sec.Key("DOMAIN").String()
    57  	samesiteString := sec.Key("SAME_SITE").In("lax", []string{"none", "lax", "strict"})
    58  	switch strings.ToLower(samesiteString) {
    59  	case "none":
    60  		SessionConfig.SameSite = http.SameSiteNoneMode
    61  	case "strict":
    62  		SessionConfig.SameSite = http.SameSiteStrictMode
    63  	default:
    64  		SessionConfig.SameSite = http.SameSiteLaxMode
    65  	}
    66  	shadowConfig, err := json.Marshal(SessionConfig)
    67  	if err != nil {
    68  		log.Fatal("Can't shadow session config: %v", err)
    69  	}
    70  	SessionConfig.ProviderConfig = string(shadowConfig)
    71  	SessionConfig.OriginalProvider = SessionConfig.Provider
    72  	SessionConfig.Provider = "VirtualSession"
    73  
    74  	log.Info("Session Service Enabled")
    75  }