From 928267287df532a6e8fb0775e3138ee21f2173f5 Mon Sep 17 00:00:00 2001
From: Freya Murphy
Date: Mon, 27 May 2024 11:46:42 -0400
Subject: [PATCH] fix cookies
---
 .gitignore | 1 -
 conf/ldap/ldap.env | 1 +
 src/web/helpers/auth.php | 13 +++++++++----
 3 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/.gitignore b/.gitignore
index 0b12f2d..1269488 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
 data
-conf/ldap/ldap.env
diff --git a/conf/ldap/ldap.env b/conf/ldap/ldap.env
index f387147..29f55c0 100644
--- a/conf/ldap/ldap.env
+++ b/conf/ldap/ldap.env
@@ -7,3 +7,4 @@ LDAP_FILTER="(&)"
 LDAP_UID="cn"
 HTTP_HOST=auth.example.com
+COOKIE_DOMAIN=example.com
diff --git a/src/web/helpers/auth.php b/src/web/helpers/auth.php
index 3ff1e71..9228706 100644
--- a/src/web/helpers/auth.php
+++ b/src/web/helpers/auth.php
@@ -13,13 +13,18 @@ function get_cookie() {
 function store_cookie($key) {
 $cookie_name = 'X-LDAP-Auth-Key';
+ $cookie_options = array (
+ 'expires' => time() + 60*60*24*30,
+ 'path' => '/',
+ 'domain' => getenv("COOKIE_DOMAIN"),
+ 'secure' => true,
+ 'httponly' => true,
+ 'samesite' => 'None'
+ );
 setcookie(
 $cookie_name,
 $key,
- time() + (86400 * 30),
- "/",
- TRUE,
- TRUE
+ $cookie_options
 );
 }
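Review bot: Because the same commit drops `conf/ldap/ldap.env` from .gitignore, deployment-specific values written to this file, such as the new `COOKIE_DOMAIN`, will from now on land in history. The hunk starts at line 7, so it is not visible whether the earlier entries include bind credentials; if they do, consider keeping only a tracked template with placeholder values and leaving the live file ignored. At minimum, a header comment such as `# Example values only - do not commit real credentials or hostnames` would make the intent clear.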
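Review bot: `'samesite' => 'None'` in the new `$cookie_options` allows browsers to attach X-LDAP-Auth-Key to cross-site requests, and with `'domain' => getenv("COOKIE_DOMAIN")` the key is also sent to every host under that domain. Hosts that share a registrable domain already count as same-site, so `'samesite' => 'Lax'` should still cover sign-on across subdomains while keeping the key off cross-site subrequests, unless a third-party context needs it, which the hunk does not show. `getenv()` returns `false` when COOKIE_DOMAIN is unset, which most likely degrades silently to a host-only cookie; a guard such as `$domain = getenv("COOKIE_DOMAIN"); if ($domain === false || $domain === '') { error_log('COOKIE_DOMAIN is not set'); }` would make that misconfiguration visible. A short comment on `store_cookie` stating that the key is deliberately shared across subdomains, and why, would help the next reader judge the scope.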