aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--modules/cache/cache.go3
-rw-r--r--modules/setting/cache.go3
-rw-r--r--modules/setting/cors.go33
-rw-r--r--modules/setting/session.go39
-rw-r--r--routers/admin/admin.go9
-rw-r--r--routers/routes/routes.go22
6 files changed, 74 insertions, 35 deletions
diff --git a/modules/cache/cache.go b/modules/cache/cache.go
index ceb5772fcf..20d23f3b5b 100644
--- a/modules/cache/cache.go
+++ b/modules/cache/cache.go
@@ -11,6 +11,9 @@ import (
"code.gitea.io/gitea/modules/setting"
mc "gitea.com/macaron/cache"
+
+ _ "gitea.com/macaron/cache/memcache" // memcache plugin for cache
+ _ "gitea.com/macaron/cache/redis"
)
var conn mc.Cache
diff --git a/modules/setting/cache.go b/modules/setting/cache.go
index 7be24b865f..babb62baea 100644
--- a/modules/setting/cache.go
+++ b/modules/setting/cache.go
@@ -9,9 +9,6 @@ import (
"time"
"code.gitea.io/gitea/modules/log"
-
- _ "gitea.com/macaron/cache/memcache" // memcache plugin for cache
- _ "gitea.com/macaron/cache/redis"
)
// Cache represents cache settings
diff --git a/modules/setting/cors.go b/modules/setting/cors.go
index 04f3120536..d7856e8b23 100644
--- a/modules/setting/cors.go
+++ b/modules/setting/cors.go
@@ -8,34 +8,31 @@ import (
"time"
"code.gitea.io/gitea/modules/log"
-
- "gitea.com/macaron/cors"
)
var (
// CORSConfig defines CORS settings
- CORSConfig cors.Options
- // EnableCORS defines whether CORS settings is enabled or not
- EnableCORS bool
+ CORSConfig = struct {
+ Enabled bool
+ Scheme string
+ AllowDomain []string
+ AllowSubdomain bool
+ Methods []string
+ MaxAge time.Duration
+ AllowCredentials bool
+ }{
+ Enabled: false,
+ MaxAge: 10 * time.Minute,
+ }
)
func newCORSService() {
sec := Cfg.Section("cors")
- // Check cors setting.
- EnableCORS = sec.Key("ENABLED").MustBool(false)
-
- maxAge := sec.Key("MAX_AGE").MustDuration(10 * time.Minute)
-
- CORSConfig = cors.Options{
- Scheme: sec.Key("SCHEME").String(),
- AllowDomain: sec.Key("ALLOW_DOMAIN").Strings(","),
- AllowSubdomain: sec.Key("ALLOW_SUBDOMAIN").MustBool(),
- Methods: sec.Key("METHODS").Strings(","),
- MaxAgeSeconds: int(maxAge.Seconds()),
- AllowCredentials: sec.Key("ALLOW_CREDENTIALS").MustBool(),
+ if err := sec.MapTo(&CORSConfig); err != nil {
+ log.Fatal("Failed to map cors settings: %v", err)
}
- if EnableCORS {
+ if CORSConfig.Enabled {
log.Info("CORS Service Enabled")
}
}
diff --git a/modules/setting/session.go b/modules/setting/session.go
index 6e5a28bb75..bd51c420a0 100644
--- a/modules/setting/session.go
+++ b/modules/setting/session.go
@@ -11,28 +11,47 @@ import (
"strings"
"code.gitea.io/gitea/modules/log"
-
- "gitea.com/macaron/session"
)
var (
// SessionConfig difines Session settings
- SessionConfig session.Options
+ SessionConfig = struct {
+ Provider string
+ // Provider configuration, it's corresponding to provider.
+ ProviderConfig string
+ // Cookie name to save session ID. Default is "MacaronSession".
+ CookieName string
+ // Cookie path to store. Default is "/".
+ CookiePath string
+ // GC interval time in seconds. Default is 3600.
+ Gclifetime int64
+ // Max life time in seconds. Default is whatever GC interval time is.
+ Maxlifetime int64
+ // Use HTTPS only. Default is false.
+ Secure bool
+ // Cookie domain name. Default is empty.
+ Domain string
+ }{
+ CookieName: "i_like_gitea",
+ Gclifetime: 86400,
+ Maxlifetime: 86400,
+ }
)
func newSessionService() {
- SessionConfig.Provider = Cfg.Section("session").Key("PROVIDER").In("memory",
+ sec := Cfg.Section("session")
+ SessionConfig.Provider = sec.Key("PROVIDER").In("memory",
[]string{"memory", "file", "redis", "mysql", "postgres", "couchbase", "memcache", "nodb"})
- SessionConfig.ProviderConfig = strings.Trim(Cfg.Section("session").Key("PROVIDER_CONFIG").MustString(path.Join(AppDataPath, "sessions")), "\" ")
+ SessionConfig.ProviderConfig = strings.Trim(sec.Key("PROVIDER_CONFIG").MustString(path.Join(AppDataPath, "sessions")), "\" ")
if SessionConfig.Provider == "file" && !filepath.IsAbs(SessionConfig.ProviderConfig) {
SessionConfig.ProviderConfig = path.Join(AppWorkPath, SessionConfig.ProviderConfig)
}
- SessionConfig.CookieName = Cfg.Section("session").Key("COOKIE_NAME").MustString("i_like_gitea")
+ SessionConfig.CookieName = sec.Key("COOKIE_NAME").MustString("i_like_gitea")
SessionConfig.CookiePath = AppSubURL
- SessionConfig.Secure = Cfg.Section("session").Key("COOKIE_SECURE").MustBool(false)
- SessionConfig.Gclifetime = Cfg.Section("session").Key("GC_INTERVAL_TIME").MustInt64(86400)
- SessionConfig.Maxlifetime = Cfg.Section("session").Key("SESSION_LIFE_TIME").MustInt64(86400)
- SessionConfig.Domain = Cfg.Section("session").Key("DOMAIN").String()
+ SessionConfig.Secure = sec.Key("COOKIE_SECURE").MustBool(false)
+ SessionConfig.Gclifetime = sec.Key("GC_INTERVAL_TIME").MustInt64(86400)
+ SessionConfig.Maxlifetime = sec.Key("SESSION_LIFE_TIME").MustInt64(86400)
+ SessionConfig.Domain = sec.Key("DOMAIN").String()
shadowConfig, err := json.Marshal(SessionConfig)
if err != nil {
diff --git a/routers/admin/admin.go b/routers/admin/admin.go
index 56e5d321b3..cd425271a3 100644
--- a/routers/admin/admin.go
+++ b/routers/admin/admin.go
@@ -319,7 +319,14 @@ func Config(ctx *context.Context) {
if err := json.Unmarshal([]byte(sessionCfg.ProviderConfig), &realSession); err != nil {
log.Error("Unable to unmarshall session config for virtualed provider config: %s\nError: %v", sessionCfg.ProviderConfig, err)
}
- sessionCfg = realSession
+ sessionCfg.Provider = realSession.Provider
+ sessionCfg.ProviderConfig = realSession.ProviderConfig
+ sessionCfg.CookieName = realSession.CookieName
+ sessionCfg.CookiePath = realSession.CookiePath
+ sessionCfg.Gclifetime = realSession.Gclifetime
+ sessionCfg.Maxlifetime = realSession.Maxlifetime
+ sessionCfg.Secure = realSession.Secure
+ sessionCfg.Domain = realSession.Domain
}
sessionCfg.ProviderConfig = shadowPassword(sessionCfg.Provider, sessionCfg.ProviderConfig)
ctx.Data["SessionConfig"] = sessionCfg
diff --git a/routers/routes/routes.go b/routers/routes/routes.go
index 693f33fddb..a06eb46ad1 100644
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@@ -201,7 +201,16 @@ func NewMacaron() *macaron.Macaron {
m.Use(captcha.Captchaer(captcha.Options{
SubURL: setting.AppSubURL,
}))
- m.Use(session.Sessioner(setting.SessionConfig))
+ m.Use(session.Sessioner(session.Options{
+ Provider: setting.SessionConfig.Provider,
+ ProviderConfig: setting.SessionConfig.ProviderConfig,
+ CookieName: setting.SessionConfig.CookieName,
+ CookiePath: setting.SessionConfig.CookiePath,
+ Gclifetime: setting.SessionConfig.Gclifetime,
+ Maxlifetime: setting.SessionConfig.Maxlifetime,
+ Secure: setting.SessionConfig.Secure,
+ Domain: setting.SessionConfig.Domain,
+ }))
m.Use(csrf.Csrfer(csrf.Options{
Secret: setting.SecretKey,
Cookie: setting.CSRFCookieName,
@@ -963,8 +972,15 @@ func RegisterRoutes(m *macaron.Macaron) {
}
var handlers []macaron.Handler
- if setting.EnableCORS {
- handlers = append(handlers, cors.CORS(setting.CORSConfig))
+ if setting.CORSConfig.Enabled {
+ handlers = append(handlers, cors.CORS(cors.Options{
+ Scheme: setting.CORSConfig.Scheme,
+ AllowDomain: setting.CORSConfig.AllowDomain,
+ AllowSubdomain: setting.CORSConfig.AllowSubdomain,
+ Methods: setting.CORSConfig.Methods,
+ MaxAgeSeconds: int(setting.CORSConfig.MaxAge.Seconds()),
+ AllowCredentials: setting.CORSConfig.AllowCredentials,
+ }))
}
handlers = append(handlers, ignSignIn)
m.Group("/api", func() {