delete the zrok-access cookie if not oauth

Kenneth Bingham 2024-01-09 13:05:37 -05:00
parent 0cb436801a
commit 25ac8a76f4
No known key found for this signature in database
GPG Key ID: 31709281860130B6


@ -157,6 +157,7 @@ func authHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Contex
switch scheme {
case string(sdk.None):
logrus.Debugf("auth scheme none '%v'", shrToken)
deleteCookie(w, r)
handler.ServeHTTP(w, r)
return
@ -202,6 +203,7 @@ func authHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Contex
return
}
deleteCookie(w, r)
handler.ServeHTTP(w, r)
case string(sdk.Oauth):
@ -360,6 +362,14 @@ func SetZrokCookie(w http.ResponseWriter, cookieDomain, email, accessToken, prov
})
}
func deleteCookie(w http.ResponseWriter, r *http.Request) {
cookie, err := r.Cookie("zrok-access")
if err == nil {
cookie.MaxAge = -1
http.SetCookie(w, cookie)
}
}
func basicAuthRequired(w http.ResponseWriter, realm string) {
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
w.WriteHeader(401)
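Review bot: `deleteCookie` re-sends the cookie parsed from the request, and a request cookie carries only its name and value, so the `Set-Cookie` it emits has no `Domain` or `Path`. Browsers match a deletion on name, domain and path; `SetZrokCookie` takes a `cookieDomain`, so if the cookie was issued with a Domain attribute (its attributes are outside the hunk) this expiry will probably not remove it. The call also echoes the access-token value back in the response header. Building a fresh cookie avoids both, e.g. `http.SetCookie(w, &http.Cookie{Name: "zrok-access", Value: "", Domain: cookieDomain, Path: "/", MaxAge: -1})`, using whatever domain and path `SetZrokCookie` actually sets. Separately, both call sites in `authHandler` (whose body extends beyond the hunks) still hand `r` with its original Cookie header to `handler.ServeHTTP`, so the current request appears to carry the token to the share backend unless it is stripped elsewhere.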