feat: allow insecure cookies (resolve #27)

2023-08-10 21:12:56 +03:00 · 2020-05-30 12:11:21 +02:00
parent 002003a957
commit 9dae5a1f77
7 changed files with 20 additions and 8 deletions
--- a/routes/public.go
+++ b/routes/public.go
@ -93,7 +93,7 @@ func (h *IndexHandler) Login(w http.ResponseWriter, r *http.Request) {
 		Name:     models.AuthCookieKey,
 		Value:    encoded,
 		Path:     "/",
-		Secure:   true,
+		Secure:   !h.config.InsecureCookies,
 		HttpOnly: true,
 	}
 	http.SetCookie(w, cookie)
@ -105,7 +105,7 @@ func (h *IndexHandler) Logout(w http.ResponseWriter, r *http.Request) {
 		loadTemplates()
 	}

-	utils.ClearCookie(w, models.AuthCookieKey)
+	utils.ClearCookie(w, models.AuthCookieKey, !h.config.InsecureCookies)
 	http.Redirect(w, r, fmt.Sprintf("%s/", h.config.BasePath), http.StatusFound)
 }