From 06f10436769e14b694399067b5efaa0a23d25b0c Mon Sep 17 00:00:00 2001 From: K-shir0 Date: Tue, 27 Dec 2022 02:57:28 +0900 Subject: [PATCH] =?UTF-8?q?update=20SameSiteMode=20=E3=82=92=E5=88=87?= =?UTF-8?q?=E3=82=8A=E6=9B=BF=E3=81=88=E3=82=8B=E3=82=B3=E3=83=B3=E3=83=95?= =?UTF-8?q?=E3=82=A3=E3=82=B0=E3=82=92=E8=BF=BD=E5=8A=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cmd/rikka/config.go | 3 ++- cmd/rikka/config.yaml.example | 1 + cmd/rikka/main.go | 10 +++++++++- scripts/README.md | 9 +++++++++ scripts/create_rehearsal.py | 4 ++-- scripts/create_user.py | 5 ++++- 6 files changed, 27 insertions(+), 5 deletions(-) create mode 100644 scripts/README.md diff --git a/cmd/rikka/config.go b/cmd/rikka/config.go index c36c94e..127fe5b 100644 --- a/cmd/rikka/config.go +++ b/cmd/rikka/config.go @@ -43,7 +43,8 @@ type CORSConfig struct { } type StoreConfig struct { - Secure bool `yaml:"secure"` + Secure bool `yaml:"secure"` + SameSiteStrictMode bool `yaml:"sameSiteStrictMode"` } type RedisConfig struct { diff --git a/cmd/rikka/config.yaml.example b/cmd/rikka/config.yaml.example index 9653453..6c2a40a 100644 --- a/cmd/rikka/config.yaml.example +++ b/cmd/rikka/config.yaml.example @@ -11,6 +11,7 @@ cors: ## Cookie Secure Flag store: secure: false + sameSiteStrictMode: false notify: answer: https://hooks.slack.com/services/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 mariadb: diff --git a/cmd/rikka/main.go b/cmd/rikka/main.go index d5e1b68..281f1c8 100644 --- a/cmd/rikka/main.go +++ b/cmd/rikka/main.go @@ -86,12 +86,20 @@ func init() { f.Close() log.Fatalf(errors.Wrapf(err, "Failed to open redis connection.").Error()) } + + var sameSiteMode http.SameSite + if config.Store.SameSiteStrictMode { + sameSiteMode = http.SameSiteStrictMode + } else { + sameSiteMode = http.SameSiteDefaultMode + } + store.Options(sessions.Options{ MaxAge: 43200, Path: "/", Secure: config.Store.Secure, HttpOnly: true, - SameSite: http.SameSiteNoneMode, + SameSite: sameSiteMode, }) minioClient, err = minio.New(config.Minio.Endpoint, &minio.Options{ Creds: credentials.NewStaticV4(config.Minio.AccessKeyID, config.Minio.SecretAccessKey, ""), diff --git a/scripts/README.md b/scripts/README.md new file mode 100644 index 0000000..20f59e8 --- /dev/null +++ b/scripts/README.md @@ -0,0 +1,9 @@ +```sh +python scripts/create_user.py {API-Server-IP}/api + +user_group_name: ictsc +user_group_organization: ictsc +user_group_invitation_token: ictsc_token +user_name: ictsc +user_password: ictsc +``` \ No newline at end of file diff --git a/scripts/create_rehearsal.py b/scripts/create_rehearsal.py index 5b873f3..4cf36db 100644 --- a/scripts/create_rehearsal.py +++ b/scripts/create_rehearsal.py @@ -8,10 +8,10 @@ def main(): client.HTTPConnection.debuglevel = 1 logging.basicConfig(level=logging.DEBUG) - rikka = Rikka(baseurl="https://ss.ictsc.net/api") + rikka = Rikka(baseurl="http://localhost:8080/api") print(f"\x1b[33m\n*** signin\x1b[0m") - rikka.signin("ictsc", "2ht4BN9q6tjc") + rikka.signin("admin", "password") print(f"\x1b[33m\n*** Create user group\x1b[0m") resp = rikka.create_usergroup("team90", "team90", "ictsc2021team90hotstage", False) diff --git a/scripts/create_user.py b/scripts/create_user.py index 523885d..7a01683 100644 --- a/scripts/create_user.py +++ b/scripts/create_user.py @@ -1,5 +1,6 @@ from ictsc2021 import Rikka +import sys import logging from http import client @@ -8,7 +9,9 @@ def main(): client.HTTPConnection.debuglevel = 1 logging.basicConfig(level=logging.DEBUG) - rikka = Rikka(baseurl="https://ss.ictsc.net/api") + baseurl = sys.argv[0] + + rikka = Rikka(baseurl="http://localhost:8080/api") ugn = input("user_group_name: ") ugo = input("user_group_organization: ")