mirror of https://github.com/coder/coder.git
package workspaceapps
import (
"net/http"
"github.com/coder/coder/v2/coderd/httpmw"
"github.com/coder/coder/v2/codersdk"
)
// AppConnectSessionTokenCookieName maps an app access method to the name of
// the cookie that carries the app session token for that method.
//
// Subdomain apps use codersdk.SubdomainAppSessionTokenCookie. Every other
// access method, including any value this function does not recognise, falls
// back to codersdk.PathAppSessionTokenCookie.
func AppConnectSessionTokenCookieName(accessMethod AccessMethod) string {
	switch accessMethod {
	case AccessMethodSubdomain:
		return codersdk.SubdomainAppSessionTokenCookie
	default:
		return codersdk.PathAppSessionTokenCookie
	}
}
// AppConnectSessionTokenFromRequest extracts the session token carried by the
// request, or returns "" when none is present. The access method selects which
// app-specific cookie name is consulted.
//
// Path apps and subdomain apps use separate cookie names so that both cookies
// are never set and sent together, which could lead the server to pick the
// wrong value. The names in use are:
//   - path apps on primary access URL: coder_session_token
//   - path apps on proxies: coder_path_app_session_token
//   - subdomain apps: coder_subdomain_app_session_token
//
// Lookup order:
//  1. httpmw.APITokenFromRequest, the default lookup, which supports query
//     parameters, the Coder-Session-Token header and the coder_session_token
//     cookie.
//  2. The cookie named by AppConnectSessionTokenCookieName(accessMethod).
//
// The first non-empty value wins, so a token found by the default lookup takes
// precedence over the app-specific cookie. The returned string is exactly what
// the client sent; this function performs no validation, so callers must
// authenticate the token before trusting it.
func AppConnectSessionTokenFromRequest(r *http.Request, accessMethod AccessMethod) string {
	// Step 1: the default sources shared with the regular API.
	if apiToken := httpmw.APITokenFromRequest(r); apiToken != "" {
		return apiToken
	}

	// Step 2: the cookie dedicated to this access method. A missing cookie
	// (err != nil) and an empty cookie value are both treated as "no token".
	appCookie, err := r.Cookie(AppConnectSessionTokenCookieName(accessMethod))
	if err != nil || appCookie.Value == "" {
		return ""
	}
	return appCookie.Value
}