Make session cookie name customizable. (#256)

The option is optional and defaults to authelia_session.
Clément Michaud 2018-08-19 13:07:00 +02:00 committed by GitHub
parent 2b1807d32b
commit 0dd9a5f815
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 20 additions and 5 deletions


@ -173,6 +173,9 @@ access_control:
# #
# The session cookies identify the user once logged in. # The session cookies identify the user once logged in.
session: session:
# The name of the session cookie. (default: authelia_session).
name: authelia_session
# The secret to encrypt the session cookie. # The secret to encrypt the session cookie.
secret: unsecure_session_secret secret: unsecure_session_secret
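Review bot: The new comment on `name` gives the default but none of the constraints an operator needs before changing it. The value must be a valid cookie token (no spaces, `;`, `=` or other separators), and renaming the cookie on a running deployment means browsers' existing cookies are no longer recognised, so users have to log in again. A `__Host-` prefixed name will be rejected by browsers because the session configuration also requires a `domain`, and a `__Secure-` prefix only works when the cookie is issued with the Secure flag. I would extend the comment to something like `# The name of the session cookie (default: authelia_session). Must be a valid cookie token; changing it logs out existing sessions.`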


@ -39,6 +39,7 @@ describe("configuration/SessionConfigurationBuilder", function () {
}, },
port: 8080, port: 8080,
session: { session: {
name: "authelia_session",
domain: "example.com", domain: "example.com",
expiration: 3600, expiration: 3600,
secret: "secret" secret: "secret"
@ -73,6 +74,7 @@ describe("configuration/SessionConfigurationBuilder", function () {
const options = SessionConfigurationBuilder.build(configuration, deps); const options = SessionConfigurationBuilder.build(configuration, deps);
const expectedOptions = { const expectedOptions = {
name: "authelia_session",
secret: "secret", secret: "secret",
resave: false, resave: false,
saveUninitialized: true, saveUninitialized: true,
@ -118,6 +120,7 @@ describe("configuration/SessionConfigurationBuilder", function () {
}, },
port: 8080, port: 8080,
session: { session: {
name: "authelia_session",
domain: "example.com", domain: "example.com",
expiration: 3600, expiration: 3600,
secret: "secret", secret: "secret",
@ -165,6 +168,7 @@ describe("configuration/SessionConfigurationBuilder", function () {
secret: "secret", secret: "secret",
resave: false, resave: false,
saveUninitialized: true, saveUninitialized: true,
name: "authelia_session",
cookie: { cookie: {
secure: true, secure: true,
httpOnly: true, httpOnly: true,
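Review bot: All four added lines use the default `authelia_session` on both the input configuration and the expected options, so these tests would still pass if the builder ignored the configured value and hard-coded the default. Add one case whose configuration sets a non-default name (for example `name: "custom_session"`, a constructed value) and assert that the same string comes back in `expectedOptions.name`. The test bodies start and end outside the visible hunks.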


@ -7,6 +7,7 @@ export class SessionConfigurationBuilder {
static build(configuration: Configuration, deps: GlobalDependencies): ExpressSession.SessionOptions { static build(configuration: Configuration, deps: GlobalDependencies): ExpressSession.SessionOptions {
const sessionOptions: ExpressSession.SessionOptions = { const sessionOptions: ExpressSession.SessionOptions = {
name: configuration.session.name,
secret: configuration.session.secret, secret: configuration.session.secret,
resave: false, resave: false,
saveUninitialized: true, saveUninitialized: true,
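Review bot: `name: configuration.session.name` forwards a field that the interface in this commit declares optional (`name?: string`), so the documented default only holds if `complete()` has run on the configuration before `build()` is called. When the value is undefined, express-session falls back to its own default cookie name (`connect.sid`) rather than `authelia_session`, and nothing here would signal the mismatch. Either record the precondition above the line, `// name is defaulted by SessionConfiguration.complete()`, or apply the fallback here too. The body of `build` continues outside the hunk.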


@ -9,6 +9,7 @@ describe("configuration/schema/SessionConfiguration", function() {
}; };
const newConfiguration = complete(configuration); const newConfiguration = complete(configuration);
Assert.equal(newConfiguration.name, 'authelia_session');
Assert.equal(newConfiguration.expiration, 3600000); Assert.equal(newConfiguration.expiration, 3600000);
Assert.equal(newConfiguration.inactivity, undefined); Assert.equal(newConfiguration.inactivity, undefined);
}); });


@ -4,6 +4,7 @@ export interface SessionRedisOptions {
} }
export interface SessionConfiguration { export interface SessionConfiguration {
name?: string;
domain: string; domain: string;
secret: string; secret: string;
expiration?: number; expiration?: number;
@ -14,6 +15,10 @@ export interface SessionConfiguration {
export function complete(configuration: SessionConfiguration): SessionConfiguration { export function complete(configuration: SessionConfiguration): SessionConfiguration {
const newConfiguration: SessionConfiguration = (configuration) ? JSON.parse(JSON.stringify(configuration)) : {}; const newConfiguration: SessionConfiguration = (configuration) ? JSON.parse(JSON.stringify(configuration)) : {};
if (!newConfiguration.name) {
newConfiguration.name = "authelia_session";
}
if (!newConfiguration.expiration) { if (!newConfiguration.expiration) {
newConfiguration.expiration = 3600000; // 1 hour newConfiguration.expiration = 3600000; // 1 hour
} }
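Review bot: The new default branch in `complete()` accepts any truthy `name` without checking that it is usable as a cookie name. A value containing spaces, `;` or `=`, or a non-string parsed from YAML such as a bare number, would pass through and only surface when the session middleware serialises the cookie, at request time rather than at startup. Unless a schema validator elsewhere already constrains this field, reject it here, e.g. `if (typeof newConfiguration.name !== "string" || !/^[A-Za-z0-9_.-]+$/.test(newConfiguration.name)) throw new Error("Invalid session cookie name");`. `complete` continues past the end of the hunk.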


@ -1,4 +1,4 @@
Feature: User and groups headers are correctly forwarded to backend Feature: Headers are correctly forwarded to backend
@need-authenticated-user-john @need-authenticated-user-john
Scenario: Custom-Forwarded-User and Custom-Forwarded-Groups are correctly forwarded to protected backend Scenario: Custom-Forwarded-User and Custom-Forwarded-Groups are correctly forwarded to protected backend
When I visit "https://public.example.com:8080/headers" When I visit "https://public.example.com:8080/headers"


@ -2,7 +2,8 @@ import {Then} from "cucumber";
import seleniumWebdriver = require("selenium-webdriver"); import seleniumWebdriver = require("selenium-webdriver");
import CustomWorld = require("../support/world"); import CustomWorld = require("../support/world");
import Util = require("util"); import Util = require("util");
import BluebirdPromise = require("bluebird"); import Bluebird = require("bluebird");
import Request = require("request-promise");
Then("I see header {string} set to {string}", Then("I see header {string} set to {string}",
{ timeout: 5000 }, { timeout: 5000 },
@ -11,8 +12,8 @@ Then("I see header {string} set to {string}",
.then(function (txt: string) { .then(function (txt: string) {
const expectedLine = Util.format("\"%s\": \"%s\"", expectedHeaderName, expectedValue); const expectedLine = Util.format("\"%s\": \"%s\"", expectedHeaderName, expectedValue);
if (txt.indexOf(expectedLine) > 0) if (txt.indexOf(expectedLine) > 0)
return BluebirdPromise.resolve(); return Bluebird.resolve();
else else
return BluebirdPromise.reject(new Error(Util.format("No such header or with unexpected value."))); return Bluebird.reject(new Error(Util.format("No such header or with unexpected value.")));
}); });
}) })
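Review bot: `import Request = require("request-promise");` is added, but nothing in the visible hunks uses `Request`; if no step further down the file uses it, drop the import. In the step the second hunk touches, `txt.indexOf(expectedLine) > 0` treats a match at offset 0 as a miss, and `txt.indexOf(expectedLine) >= 0` states the intent. The `Util.format(...)` wrapped around the constant error message has no placeholders and can be removed. The step's callback starts outside the second hunk.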