sophie/nuke
1
0
Fork 0
Code Packages 1 Activity Actions

fix(lib): use a new cookie per domain when COOKIE_DOMAIN is set (#490)

Browse source 
Also properly re-brand the cookies so that some of the /x/ heritage is
lost.

This will invalidate existing cookies and probably affects tests.

Signed-off-by: Xe Iaso <me@xeiaso.net>
This commit is contained in:
Xe Iaso 2025-05-12 09:23:42 -04:00 committed by GitHub
parent 9009596ded
commit 6c0ff3f4d5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 20 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

5
anubis.go
View file

@ -11,7 +11,10 @@ var Version = "devel"
// CookieName is the name of the cookie that Anubis uses in order to validate
// access.
const CookieName = "within.website-x-cmd-anubis-auth"
const CookieName = "techaro.lol-anubis-auth"
// WithDomainCookieName is the name that is prepended to the per-domain cookie used when COOKIE_DOMAIN is set.
const WithDomainCookieName = "techaro.lol-anubis-auth-for-"
// CookieDefaultExpirationTime is the amount of time before the cookie/JWT expires.
const CookieDefaultExpirationTime = 7 * 24 * time.Hour