mirror of
https://github.com/openziti/zrok.git
synced 2024-12-23 07:09:12 +01:00
delete the zrok-access cookie if not oauth
This commit is contained in:
parent
0cb436801a
commit
25ac8a76f4
@ -157,6 +157,7 @@ func authHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Contex
|
|||||||
switch scheme {
|
switch scheme {
|
||||||
case string(sdk.None):
|
case string(sdk.None):
|
||||||
logrus.Debugf("auth scheme none '%v'", shrToken)
|
logrus.Debugf("auth scheme none '%v'", shrToken)
|
||||||
|
deleteCookie(w, r)
|
||||||
handler.ServeHTTP(w, r)
|
handler.ServeHTTP(w, r)
|
||||||
return
|
return
|
||||||
|
|
||||||
@ -202,6 +203,7 @@ func authHandler(handler http.Handler, pcfg *Config, key []byte, ctx ziti.Contex
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
deleteCookie(w, r)
|
||||||
handler.ServeHTTP(w, r)
|
handler.ServeHTTP(w, r)
|
||||||
|
|
||||||
case string(sdk.Oauth):
|
case string(sdk.Oauth):
|
||||||
@ -360,6 +362,14 @@ func SetZrokCookie(w http.ResponseWriter, cookieDomain, email, accessToken, prov
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func deleteCookie(w http.ResponseWriter, r *http.Request) {
|
||||||
|
cookie, err := r.Cookie("zrok-access")
|
||||||
|
if err == nil {
|
||||||
|
cookie.MaxAge = -1
|
||||||
|
http.SetCookie(w, cookie)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func basicAuthRequired(w http.ResponseWriter, realm string) {
|
func basicAuthRequired(w http.ResponseWriter, realm string) {
|
||||||
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
|
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
|
||||||
w.WriteHeader(401)
|
w.WriteHeader(401)
|
||||||
|
Loading…
Reference in New Issue
Block a user