opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-30 03:12:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

remove maxage from session token

Browse Source
This commit is contained in:
bergquist
2019-01-17 21:03:27 +01:00
parent 81879f0162
commit fd937e3d95
2 changed files with 7 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/middleware/middleware.go
View File

@ -4,7 +4,6 @@ import (
"net/http"
"net/url"
"strconv"
"time"
"github.com/grafana/grafana/pkg/bus"
"github.com/grafana/grafana/pkg/components/apikeygen"
@ -71,15 +70,14 @@ func GetContextHandler(ats *auth.UserAuthTokenService) macaron.Handler {
if rotated {
ctx.Logger.Info("new token", "unhashed token", ctx.UserToken.UnhashedToken)
//c.SetCookie("grafana_session", url.QueryEscape(ctx.UserToken.UnhashedToken), nil, setting.AppSubUrl+"/", setting.Domain, false, true)
// ctx.Resp.Header().Del("Set-Cookie")
ctx.Resp.Header().Del("Set-Cookie")
cookie := http.Cookie{
Name: "grafana_session",
Value: url.QueryEscape(ctx.UserToken.UnhashedToken),
HttpOnly: true,
MaxAge: int(time.Minute * 10),
Domain: setting.Domain,
Path: setting.AppSubUrl + "/",
//MaxAge: 600,
Domain: setting.Domain,
Path: setting.AppSubUrl + "/",
}
ctx.Resp.Header().Add("Set-Cookie", cookie.String())