Skip to content

Commit

Permalink
Use common sessioner for API and Web (#17027)
Browse files Browse the repository at this point in the history 
* Use common sessioner for API and Web

Instead of creating separate sessioner and doubly initialising the provider just
use the same sessioner for the API and Web routes.

Signed-off-by: Andrew Thornton <art27@cantab.net>
  • Loading branch information
@zeripath
zeripath authored Sep 12, 2021
1 parent aac7f68 commit a334a95
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 28 deletions.
16 changes: 3 additions & 13 deletions routers/api/v1/api.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,6 @@ import (
"code.gitea.io/gitea/services/forms"

"gitea.com/go-chi/binding"
"gitea.com/go-chi/session"
"github.com/go-chi/cors"
)

Expand Down Expand Up @@ -547,20 +546,11 @@ func bind(obj interface{}) http.HandlerFunc {
}

// Routes registers all v1 APIs routes to web application.
func Routes() *web.Route {
func Routes(sessioner func(http.Handler) http.Handler) *web.Route {
var m = web.NewRoute()

m.Use(session.Sessioner(session.Options{
Provider: setting.SessionConfig.Provider,
ProviderConfig: setting.SessionConfig.ProviderConfig,
CookieName: setting.SessionConfig.CookieName,
CookiePath: setting.SessionConfig.CookiePath,
Gclifetime: setting.SessionConfig.Gclifetime,
Maxlifetime: setting.SessionConfig.Maxlifetime,
Secure: setting.SessionConfig.Secure,
SameSite: setting.SessionConfig.SameSite,
Domain: setting.SessionConfig.Domain,
}))
m.Use(sessioner)

m.Use(securityHeaders())
if setting.CORSConfig.Enabled {
m.Use(cors.Handler(cors.Options{
Expand Down
18 changes: 16 additions & 2 deletions routers/init.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,8 @@ import (
pull_service "code.gitea.io/gitea/services/pull"
"code.gitea.io/gitea/services/repository"
"code.gitea.io/gitea/services/webhook"

"gitea.com/go-chi/session"
)

// NewServices init new services
Expand Down Expand Up @@ -145,8 +147,20 @@ func NormalRoutes() *web.Route {
r.Use(middle)
}

r.Mount("/", web_routers.Routes())
r.Mount("/api/v1", apiv1.Routes())
sessioner := session.Sessioner(session.Options{
Provider: setting.SessionConfig.Provider,
ProviderConfig: setting.SessionConfig.ProviderConfig,
CookieName: setting.SessionConfig.CookieName,
CookiePath: setting.SessionConfig.CookiePath,
Gclifetime: setting.SessionConfig.Gclifetime,
Maxlifetime: setting.SessionConfig.Maxlifetime,
Secure: setting.SessionConfig.Secure,
SameSite: setting.SessionConfig.SameSite,
Domain: setting.SessionConfig.Domain,
})

r.Mount("/", web_routers.Routes(sessioner))
r.Mount("/api/v1", apiv1.Routes(sessioner))
r.Mount("/api/internal", private.Routes())
return r
}
15 changes: 2 additions & 13 deletions routers/web/web.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,6 @@ import (
_ "code.gitea.io/gitea/modules/session"

"gitea.com/go-chi/captcha"
"gitea.com/go-chi/session"
"github.com/NYTimes/gziphandler"
"github.com/go-chi/chi/middleware"
"github.com/go-chi/cors"
Expand Down Expand Up @@ -72,7 +71,7 @@ func CorsHandler() func(next http.Handler) http.Handler {
}

// Routes returns all web routes
func Routes() *web.Route {
func Routes(sessioner func(http.Handler) http.Handler) *web.Route {
routes := web.NewRoute()

routes.Use(public.AssetsHandler(&public.Options{
Expand All @@ -81,17 +80,7 @@ func Routes() *web.Route {
CorsHandler: CorsHandler(),
}))

routes.Use(session.Sessioner(session.Options{
Provider: setting.SessionConfig.Provider,
ProviderConfig: setting.SessionConfig.ProviderConfig,
CookieName: setting.SessionConfig.CookieName,
CookiePath: setting.SessionConfig.CookiePath,
Gclifetime: setting.SessionConfig.Gclifetime,
Maxlifetime: setting.SessionConfig.Maxlifetime,
Secure: setting.SessionConfig.Secure,
SameSite: setting.SessionConfig.SameSite,
Domain: setting.SessionConfig.Domain,
}))
routes.Use(sessioner)

routes.Use(Recovery())

Expand Down

0 comments on commit a334a95

Please sign in to comment.