mirror of
https://github.com/openziti/zrok.git
synced 2024-12-22 23:02:52 +01:00
delete the zrok-access cookie if not oauth
This commit is contained in:
parent
0cb436801a
commit
25ac8a76f4
@ -157,6 +157,7 @@ func authHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Contex
|
||||
switch scheme {
|
||||
case string(sdk.None):
|
||||
logrus.Debugf("auth scheme none '%v'", shrToken)
|
||||
deleteCookie(w, r)
|
||||
handler.ServeHTTP(w, r)
|
||||
return
|
||||
|
||||
@ -202,6 +203,7 @@ func authHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Contex
|
||||
return
|
||||
}
|
||||
|
||||
deleteCookie(w, r)
|
||||
handler.ServeHTTP(w, r)
|
||||
|
||||
case string(sdk.Oauth):
|
||||
@ -360,6 +362,14 @@ func SetZrokCookie(w http.ResponseWriter, cookieDomain, email, accessToken, prov
|
||||
})
|
||||
}
|
||||
|
||||
func deleteCookie(w http.ResponseWriter, r *http.Request) {
|
||||
cookie, err := r.Cookie("zrok-access")
|
||||
if err == nil {
|
||||
cookie.MaxAge = -1
|
||||
http.SetCookie(w, cookie)
|
||||
}
|
||||
}
|
||||
|
||||
func basicAuthRequired(w http.ResponseWriter, realm string) {
|
||||
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
|
||||
w.WriteHeader(401)
|
||||
|
Loading…
Reference in New Issue
Block a user